[tjoff]

Um, just signing up for ngrok - 10 times more effort than port forwarding. Then you have to learn how to ngrok. And thats that's before actually figuring out what ngrok really is, how sensible it is to route data through a third party etc. etc. etc.

For people without public IPs - why not just learn how to setup an SSH tunnel instead? Similar effort, save it as a script. Boom, you actually learned something useful too.

[untog]

"learn how to ngrok" "figuring out what ngrok really is"

...really? You're trying very, very hard to dislike this tool and it's kind of funny. What is the objection to it, exactly? It makes a task easier. You don't have to use it, but others can.

If you're proposing SSH tunnels as an alternative, where am I SSHing to? I need a publicly accessible remote box. So I'll need to set that up, then set up an SSH tunnel. Or, install a CLI tool and learn one command.

[mgkimsal]

Apparently, the gp simply believes that "port forwarding" is the be-all/end-all, and anything else is inferior.

I've used ngrok because it was something that I could generally count on other people being able to install. I can't always be sure they understand how to do some of the more advanced stuff being suggested in this thread (they may not have permissions, or time, or technical knowhow).

[tjoff]

I don't dislike it, at all. People seem to like it and I have no reason to distrust that. And if you really don't have any box to SSH to and can't see any use of a VPS other than an SSH tunnel then fine - ngrok is probably great.

But... If the only reason you do this is because you haven't got a clue about what dynamic DNS is, as many here seems to do, or you feel that setting up a SSH tunnel is complicated then I'm going to assume that you have no clue about the security implications of using something such as ngrok (or an SSH tunnel) to your local machine - and should probably not under any circumstances be allowed to set one up at your office.

That assumption might be wrong, but the discussions here only reinforce my belief that the niche for this (perhaps excellent) tool should be extremely small even within the HN audience. And that it isn't (currently at the top of the front page) is quite concerning. It solves a very small problem that I can solve with tools I (and most people on HN) already have installed - without going through someone else's cloud. Without registering for yet another service (bad or good, doesn't matter).

I'm questioning that there is a need for this among the HN audience. And I'm questioning that most people that have a need for it should be allowed to use it. Whether the tool is awesome or not is besides the point.

[martijndwars]

I have no clue about the security implications. What can go wrong if I use ngrok for my development environment that receives development webooks? Please enlighten me.

[azinman2]

I'm not sure you've ever used ngrok. There's no sign up. You literally just run the binary with a port as a argument and that's it. It also gives you access logging that you wouldn't otherwise have.

So it's not similar effort, especially given that I use it on my corporate network where doing port forwarding more assuredly would be difficult and problematic.

[hamandcheese]

> how sensible it is to route data through a third party

Maybe don't keep sensitive data on your dev machine?