惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

小众软件
小众软件
量子位
博客园 - 叶小钗
Apple Machine Learning Research
Apple Machine Learning Research
U
Unit 42
IT之家
IT之家
F
Fortinet All Blogs
GbyAI
GbyAI
MongoDB | Blog
MongoDB | Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
大猫的无限游戏
大猫的无限游戏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The Register - Security
The Register - Security
NISL@THU
NISL@THU
Webroot Blog
Webroot Blog
A
Arctic Wolf
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
Visual Studio Blog
Recent Announcements
Recent Announcements
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
L
LangChain Blog
P
Palo Alto Networks Blog
Y
Y Combinator Blog
WordPress大学
WordPress大学
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
AWS News Blog
AWS News Blog
有赞技术团队
有赞技术团队
Engineering at Meta
Engineering at Meta
C
Cybersecurity and Infrastructure Security Agency CISA
aimingoo的专栏
aimingoo的专栏
Know Your Adversary
Know Your Adversary
Cyberwarzone
Cyberwarzone
Martin Fowler
Martin Fowler
The Hacker News
The Hacker News
P
Privacy International News Feed
T
Threat Research - Cisco Blogs
G
GRAHAM CLULEY
宝玉的分享
宝玉的分享
博客园 - 聂微东
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
The GitHub Blog
The GitHub Blog
S
Securelist
T
The Exploit Database - CXSecurity.com
T
Threatpost
Microsoft Azure Blog
Microsoft Azure Blog
The Cloudflare Blog
F
Full Disclosure

NetBird - Networking Knowledge Hub - RSS Feed

NetBird Is Now on the Vultr Marketplace Native NetBird on the GL.iNet Comet Pro (GL-RM10) NetBird v0.71 - IPv6 Overlay Addressing NetBird Exit Nodes - Appear at Home, or Anywhere Else Reporting Bugs and Requesting Features in NetBird Setup and Use Local AdGuard Home Anywhere with NetBird DNS How to Set Up NetBird on PiKVM for Secure Remote KVM Access NetBird v0.69 - CrowdSec IP Reputation for the Reverse Proxy Cloudflare Mesh vs NetBird vs Tailscale: Performance Compared Self-Hosting Nextcloud with Docker and NetBird Implementing Zero Trust with NetBird NetBird v0.67 - Layer 4 Proxy Support for TCP, UDP, and TLS Solwr Enhances Remote Connectivity with NetBird Self-Hosting NetBird with Authentik Jellyfin Media Server - Self-Host Your Movies, TV, and Music Cloudflare Tunnels vs. NetBird Reverse Proxy INFITX Builds Zero-Touch Kubernetes Networking with NetBird Pangolin vs. NetBird Home Assistant Setup Guide with EASY Remote Access NetBird v0.65 - Built-in Reverse Proxy with Custom Domains Docker for Beginners - Everything You Need to Get Started NetBird for SOC 2 Compliance NetBird v0.63 - Custom DNS Zones for Private Network Resolution Vibecode This in a Weekend and Take 5% of the Company NetBird v0.62 - Built-in Local Users with Optional IdP Integration NetBird v0.61.0 - Granular SSH Access Control and Automatic Updates Top 5 Alternatives to OpenVPN Top 5 Open Source Alternatives to Tailscale Top 5 Alternatives to ZeroTier How to Set Up ZeroByte and REST Server for Backups with NetBird How to Install n8n v2.0 with NPM and PM2 ZeroTier vs. NetBird The Ultimate Immich Guide - Ditch Google and Amazon Photos for Good NetBird as Your Help with ISO 27001 Compliance NetBird and Huntress - Secure Network Access for MSPs How to Access Windows Shares from Anywhere with NetBird netgo Relies on Modern ZTNA with NetBird Connect to Your Homelab from Anywhere with a Raspberry Pi NetBird SSH - A New, Identity-Aware Approach The AI Mega Mesh: How to Connect 30+ GPU Cloud Providers Connect Multiple Ollama GPUs to OpenWebUI with NetBird Top 5 Tailscale Alternatives SSH and RDP, now in your browser NetBird–Acronis Integration: Empowering MSPs for Advanced Ransomware and Threat Defense Introducing the Control Center - Remote Access, Beautifully Visualized NetBird at MSP Global 2025 Understanding Overlay Networks - The Basics NetBird and SentinelOne Singularity™ - Automate Threat Response NetBird and Microsoft Intune - Enforcing Device Compliance for Zero Trust Rethinking Zero Trust Security with NetBird and pfSense Improving Unidirectional Access Control Proxmox VE for Beginners Guide with NetBird LXC Stronger Security: NetBird + GitHub Secure Open Source Fund NetBird's MSP Partner Program Signicat Enhances Cross-Cloud Accessibility with NetBird SonicWall SSL VPN NetExtender vs. NetBird NetBird Is Embracing the AGPLv3 License NetBird Profiles Have Landed - Manage Multiple Accounts Effortlessly Rethinking Access Control to Secure Your On-Premises SharePoint Servers Sport Alliance Increases Efficiency with Zero Trust Networking at Scale Rethinking Network Access: qwertiko Goes Zero Trust with NetBird Optimizing Network Efficiency with NetBird's Lazy Connections Use Port Ranges in Access Control Policies Generic HTTP Endpoint for Network Events Streaming NetBird’s Response to Spear-Phishing Campaign Targeting Financial Executives Zero-Trust Access to Internal Resources Without Installing Agents Enhance Network Visibility with NetBird’s Traffic Events Logging TrueNAS Made Easy - Install, Set Up, and Access From Anywhere Top 5 Alternatives for WireGuard Jump Hosts. Gateways for Remote Access NetBird Network Routes and Exit Nodes Security for All - SSO and MFA for Free Enhancing Network Access Control with NetBird's Identity Provider Feature Twingate vs. NetBird Limit Network Access Based on Running Applications FortiClient ZTNA vs. NetBird OpenVPN vs. NetBird Tailscale vs. NetBird Getting Started with an Azure Site-to-Site VPN Getting Started with an On-premise-to-AWS Site-to-Site VPN Secure Remote Access to VPCs, LANs, and Offices regreSSHion - A New OpenSSH Server Remote Code Execution Vulnerability Evolve Bank & Trust Data Breach. What Happened? What Is a Site-to-Site VPN? IPSec Tunneling Demystified. Enhancing Data Security Across Networks Understanding IPSec Tunnel and Transport Modes Understanding the Differences Between IKEv1 and IKEv2 Understanding the IKEv1 Protocol in IPSec ZeroTier versus NetBird - Which Should You Choose? AWS Lambda Serverless Security. Mistakes, Oversights, and Potential Vulnerabilities Using NetBird for Kubernetes Access Serverless Security Vulnerabilities and Best Practices to Mitigate Them Security Best Practices for Serverless Azure Functions A Guide to Remote Access Security for SMEs IoT Security Essentials. How to Achieve Secure Remote Access Open Source Zero Trust Networking Using SSH for Secure Remote Access How We Integrated Rosenpass in NetBird The First Quantum-Resistant Mesh VPN Using eBPF and XDP to Share Default DNS Port Between Multiple Resolvers
NetBird v0.66 - Expose Local Services to the Internet from the CLI
Written byBrandon Hopkins · 2026-02-23 · via NetBird - Networking Knowledge Hub - RSS Feed

Sharing a local development server, running a quick demo for a teammate, or testing a webhook integration usually means wrestling with tunneling tools, firewall changes, or deploying to a staging environment just so someone else can reach your endpoint.

NetBird v0.66 introduces the command, letting any connected peer expose a local HTTP or HTTPS service to the public internet through the NetBird reverse proxy with a single command. The service is ephemeral, it lives only while the command runs and cleans up automatically when you stop it. No dashboard clicks, no YAML files, no infrastructure changes.

NetBird expose command

How It Works

If you already have NetBird running, exposing a service is one command:



That's it. NetBird handles the rest: provisions a TLS certificate, assigns a public domain, and routes traffic through your NetBird reverse proxy to your local port. You get output like:




The service stays alive as long as the command runs. Press  and it's gone, no orphaned configurations, no cleanup required.


Built-In Authentication


Exposing a port to the internet doesn't mean exposing it to everyone. The expose command supports three authentication methods you can mix and match directly from the CLI.


PIN Protection


Add a 6-digit PIN that visitors must enter before accessing the service:




PIN entry page for exposed service


Password Protection


Protect with a password for slightly more flexibility:




SSO User Group Restriction


Lock it down to specific groups from your identity provider:




Users must authenticate through your configured IdP and belong to one of the specified groups. This is ideal for team-internal sharing where you want SSO-level assurance without setting up a permanent service.


Combine Them


All methods can be combined. When multiple are enabled, visitors can choose which authentication method to use:




Authentication selection with PIN, password, and SSO options


Custom Domains and Name Prefixes


By default, exposed services get a randomly generated subdomain. For more readable URLs, you have two options.


Name prefix adds a human-readable prefix to the generated domain:




Custom domain uses a domain you've already configured in your account:




Custom domains must be pre-configured and verified in your NetBird account before they can be used with the expose command. See the  Custom Domains documentation  for setup instructions.


Ephemeral by Design


Unlike services created through the dashboard, exposed services are intentionally temporary. Here's what that means in practice:


    

  • Automatic cleanup: Stop the command and the service is immediately removed. No orphaned proxy configurations.
    • 

  • Crash recovery: If the client disconnects unexpectedly (crash, network failure, ), the service automatically expires after 90 seconds.
    • 

  • Keep-alive: The CLI sends a renewal signal every 30 seconds. The management server maintains a 90-second TTL that resets on each renewal.
    • 

  • Rate limited: Each peer can run up to 10 concurrent expose sessions.
    • 



This lifecycle model means you never have to worry about forgotten services lingering in your infrastructure. Everything cleans itself up.


Reverse proxy high-level diagram


The above diagram is a high-level overview of how the NetBird reverse proxy functionality works. For more details, see the  Built-in Reverse Proxy with Custom Domains  product update.


Dashboard vs. CLI: When to Use Which


The expose command doesn't replace dashboard-created services. They serve different purposes:


Dashboard ServicesCLI Expose
LifecyclePersistentEphemeral
Created viaDashboard or API command
Best forProduction services, long-running endpointsDemos, dev sharing, testing, webhooks
Multiple targetsYes (path-based routing)Single local port
Advanced settingsHost headers, redirect rewritingNot available


Use the dashboard for anything that should be always-on. Use  for everything temporary.


Enabling Peer Expose


Before peers can use the expose command, an account administrator needs to enable the feature:


    

  1. Navigate to Settings > Clients in the NetBird dashboard
    2. 

  2. Scroll to the Peer Expose section
    3. 

  3. Toggle Enable Peer Expose on
    4. 

  4. Select at least one peer group that is allowed to expose services
    5. 

  5. Click Save Changes
    6. 



Peer Expose settings in the NetBird dashboard


Or via the API:




Only peers belonging to the specified groups can use . Peers outside the allowed groups will receive a  error.


Getting Started


    

  1. Update your NetBird client to v0.66 or later
    2. 

  2. Make sure your NetBird client is connected ()
    3. 

  3. Ask your account administrator to enable Peer Expose in Settings > Clients
    4. 

  4. Run  and share the URL
    5. 



For the full command reference, authentication details, session lifecycle, and troubleshooting, check out the  Expose from CLI documentation .



        

          
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。