
Are Unauthorized clients allowed to connect and use Chisel server?

Open macruspareto opened this issue 5 months ago • 1 comments

macruspareto avatar Jul 16 '25 07:07 macruspareto

By design, need to use the auth flag to enable client auth

On Wed, 16 Jul 2025 at 5:03 pm, macruspareto @.***> wrote:

macruspareto created an issue (jpillora/chisel#563) https://github.com/jpillora/chisel/issues/563

Please help me understand this:

With mostly default settings from your documentation, I tried this setup:

server:

chisel.exe server --keygen chisel.server.key
chisel.exe server --keyfile chisel.server.key -v --socks5

client:

chisel.exe client server-ip:8080 socks

And to my surprise, the server HAS NOT bounced my client.

It did allow me to connect and use socks5 freely.

I was expecting it to behave like SSH or WireGuard, where it's the client's job to provide some proof of identity. As you can see, there is none whatsoever.

It allows a total stranger to connect if you didn't set up your server properly.

I guess if you don't want ANYONE from ANYWHERE in the world to use your server (running with default settings) as an open proxy, you should pay attention to that users.json section in the README file. Until then - watch out!


jpillora avatar Jul 16 '25 08:07 jpillora
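
A defender-side check for the behaviour discussed in this thread, added here as an example (not code from the chisel project or from either poster): it classifies a chisel server command line as enforcing client auth or not. It assumes client auth is enabled only through chisel's `--auth` / `--authfile` flags or the `AUTH` environment variable; the function names, the `user:pass` placeholder and the sample command lines are constructed for illustration.

```shell
#!/bin/sh
# chisel_server_auth CMDLINE [AUTH_ENV_VALUE]
# Prints "auth", "open" or "not-server". The body runs in a subshell so that
# "set -f" and the re-split positional parameters do not leak to the caller.
chisel_server_auth() (
  auth_env=${2:-}
  set -f          # split the command line on whitespace without globbing
  set -- $1
  case "$1" in
    chisel|chisel.exe|*/chisel|*\\chisel.exe) ;;
    *) echo not-server; exit 0 ;;
  esac
  [ "${2:-}" = server ] || { echo not-server; exit 0; }
  shift 2
  for word in "$@"; do
    case "$word" in
      # Go's flag parser accepts one or two dashes and the =value form.
      -auth|--auth|-auth=?*|--auth=?*|-authfile|--authfile|-authfile=?*|--authfile=?*)
        echo auth; exit 0 ;;
    esac
  done
  # No auth flag: the server only enforces auth if AUTH was set in its environment.
  [ -n "$auth_env" ] && { echo auth; exit 0; }
  echo open
)

# Reads command lines on stdin and prints the chisel servers that accept any client.
# The environment of each process must be checked separately (second argument above).
audit_open_servers() {
  while IFS= read -r line; do
    if [ "$(chisel_server_auth "$line")" = open ]; then
      printf '%s\n' "$line"
    fi
  done
}

# Constructed sample input: first and last lines are the commands from the issue.
SAMPLE_CMDLINES='chisel.exe server --keyfile chisel.server.key -v --socks5
chisel server --keyfile chisel.server.key --authfile users.json --socks5
chisel server --port 8080 --auth=user:pass
chisel.exe client server-ip:8080 socks'

printf '%s\n' "$SAMPLE_CMDLINES" | audit_open_servers
```

Only the first sample line is reported: `--keyfile` fixes the server's own key and does nothing to authenticate clients.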