K9s, a powerful terminal UI for Kubernetes, simplifies cluster navigation, scaling, and assessing resource health. But did you know K9s also allows you to establish SSH-like access to your pods? The K9s SSH Access Proxy feature is a game-changer for troubleshooting and debugging, enabling secure connections to your cluster without jumping through multiple hoops.
This post will walk you through everything you need to know about the K9s SSH Access Proxy: what it is, why it’s valuable, and how to use it effectively.
What is the K9s SSH Access Proxy?
When working inside Kubernetes clusters, accessing pod logs, troubleshooting, or running commands can often require an additional SSH service or complex access configuration layers. That’s where the K9s SSH Access Proxy steps in.
The SSH Access Proxy in K9s serves as a mechanism to securely connect to specific workloads via port-forwarding. It mimics SSH-like capabilities by establishing direct, terminal-based access to a pod or resource. This eliminates the need for external add-ons or managing dedicated SSH keys.
Why Use the K9s SSH Access Proxy?
This feature streamlines your workflow in the following key ways:
1. Seamless Debugging
No need to SSH into underlying nodes or set up specific pod-based users. The K9s SSH Access Proxy simplifies direct diagnostics in complex environments without altering cluster workflows.
2. Enhanced Security
The proxy leverages Kubernetes Role-Based Access Control (RBAC) policies instead of exposing a wide network surface for SSH servers. This confines access to authorized namespaces, reducing risks.
3. Save Development Time
Frequent cluster context-switching to execute one-off commands becomes time-consuming. The K9s proxy’s built-in terminal capabilities minimize operational delays.
4. Customizable Workflow
Through K9s' configuration files, you can customize authentication credentials, namespace scoping, and bind ports, making it easier to adapt it to specific organization standards.
How to Enable and Use the K9s SSH Access Proxy
Step 1: Verify Your Permissions
Ensure your Kubernetes RBAC user or service account has exec privileges. This allows interaction with the kubectl exec API, which the K9s SSH Access Proxy uses under the hood.
Access this option from the K9s UI under the pod view. Highlight the pod you wish to connect to, then press colon (:) to open command mode. Enter:
port-forward <pod-name> 2222:22
This forwards port 22 in the pods to your local machine on port 2222.
Step 3: Open Your Terminal Session
Once the port forwarding is active, simply open your terminal (outside of K9s), and create a local SSH session pointing to your forwarded port:
ssh -p 2222 localhost
You’ll gain direct access to your workload’s shell, resembling an SSH login.
Step 4: Automating Proxies (Optional)
K9s allows for permanent proxy configurations via its .k9s/config.yaml file. This eliminates manual intervention while debugging recurring pods.
Is This Solution Right for You?
While K9s SSH Access Proxy accelerates debugging for engineers, it might not entirely replace tools like kubectl exec or dedicated port-forwarding workflows. Its primary advantage lies in the ease of combining these actions into an all-in-one UI experience. For teams managing microservices or frequent pod interactions, it brings measurable gains in speed and simplicity.
If you’re constrained managing repetitive configurations or tired of switching terminals, the K9s Access Proxy is worth adopting as part of your Kubernetes toolkit.
See K9s SSH Access In Action With Hoop
Looking for a way to extend efficient cluster monitoring with practical automation features? Hoop.dev is designed to simplify remote Kubernetes access workflows like the K9s SSH Access Proxy. Experience streamlined setup, real-time support, and enhanced security for admins and developers alike.
Discover it live in minutes — because navigating Kubernetes should feel effortless.