All posts
October 16, 20251 min read

SSH Access Through Kubernetes Ingress with a Proxy

That’s the power an ingress resource can give you when paired with SSH access and a proxy. Ingress resources are Kubernetes objects that manage external access to services inside a cluster. They define rules for routing traffic based on hostnames, paths, and protocols. When combined with SSH, the ingress resource becomes a secure gateway—not just for HTTP or HTTPS—but for direct, authenticated access to internal workloads. The SSH access proxy layer ensures every connection passes through a con

Free White Paper

SSH Access Management + Database Access Proxy: The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Andrios Robert

That’s the power an ingress resource can give you when paired with SSH access and a proxy.

Ingress resources are Kubernetes objects that manage external access to services inside a cluster. They define rules for routing traffic based on hostnames, paths, and protocols. When combined with SSH, the ingress resource becomes a secure gateway—not just for HTTP or HTTPS—but for direct, authenticated access to internal workloads. The SSH access proxy layer ensures every connection passes through a controlled, auditable entry point.

Using an ingress resource for SSH requires precise configuration. You define ingress rules that point to a service running your SSH proxy. This proxy manages sessions, keys, and permissions. Tools like NGINX Ingress Controller or Traefik can be extended to route TCP streams, not just HTTP, allowing SSH traffic into the cluster without exposing raw node ports.

Security is the priority. The ingress resource should enforce TLS wherever possible. SSH keys must be rotated and stored securely. The proxy should integrate with your existing identity systems, ensuring only approved users gain access. Logging must capture every connection and command to meet compliance standards.

Continue reading? Get the full guide.

SSH Access Management + Database Access Proxy: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

Performance is a close second. An ingress resource handles load balancing for SSH connections in the same way it does for HTTP, distributing sessions across multiple pods. This keeps latency low and availability high. With the right setup, engineers can reach critical infrastructure quickly without compromising safety.

This approach also simplifies operations. Instead of managing scattered firewall rules or direct node access, you define everything in YAML. Upgrades, redeployments, and scaling happen through Kubernetes primitives. SSH over ingress through a proxy becomes part of the same declarative workflow you use for the rest of the cluster.

It is simple to test this pattern. Deploy an ingress resource, run a lightweight SSH proxy service behind it, configure host rules, and validate from a remote host. Once working, you can roll it out across your environments with minimal changes while enforcing consistent governance.

If you want to see ingress resources with SSH access proxy in action, go to hoop.dev and deploy your first working example in minutes.

Get started

See hoop.dev in action

One gateway for every database, container, and AI agent. Deploy in minutes.

Get a demoMore posts