I would like to establish a reverse SSH-tunnel (with OpenSSH_7.4 or newer). The purpose is to allow SSH-connections from a central server to multiple devices whose task it is (among others) to establish the tunnels. The central server has a known IP, while the devices do not.
I would usually do this in the following way on one of the devices:

    ssh -R "4001:server:22" -p 22 user@server

such that I can connect from the server to the device:

    ssh -p 4001 deviceuser@localhost

This works (and I do not need to know the IP-address of the device).
Now, I am not connecting a single device, but multiple, each of which creates a reverse tunnel and needs a separate port on the server. Furthermore, I want to connect repeatedly via ssh to each of them.
Thus, I had the idea to establish the reverse tunnel with a socket, like so:

    ssh -R "~/tmp/device.sock:server:22" -p 22 user@server

In order to connect to the device from the server by

    ssh -S ~/tmp/device.sock -p 22 deviceuser@device

I need the device's IP here, but that wouldn't be the major issue. However, I cannot seem to get that to work. The first command creates the socket, but with the second one I get errors such as

    Control socket connect(/home/user/tmp/device.sock): Connection refused

The intended behaviour is that I can connect to the device through the tunnel, just like with the tunnel at port 4001 above, but based on the socket file. I cannot find any concise resources and wonder if what I attempt is in fact possible.
I assume that I could first create the tunnel to port 4001 and then start an ssh control connection using a socket, but then I still need to use multiple ports on the server. There are enough ports available for my purposes, but I was hoping that there is a more elegant way to achieve this.
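
An added example, not part of the original post: `-S` names a ControlMaster multiplexing socket, whereas the socket created by `-R` is a plain forwarded stream, so one way to use it from the server is as the transport via `ProxyCommand`. Assumptions: `socat` is installed on the server, each device's sshd listens on `localhost:22`, and the device ids, user names and function names are hypothetical.

```shell
#!/bin/sh
# Added example: one forwarded Unix socket per device instead of one TCP port.
# SOCK_DIR is a path on the *server*; the default is taken from the error
# message in the post. Keep the directory mode 0700 so that only the tunnel
# account can reach the devices through it.
SOCK_DIR="${SOCK_DIR:-/home/user/tmp}"

# Map a device id to its socket path. Ids are restricted to [A-Za-z0-9_-]
# so a device cannot make the server bind a socket outside SOCK_DIR.
sock_path() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*)
            echo "invalid device id: $1" >&2
            return 1 ;;
    esac
    printf '%s/%s.sock\n' "$SOCK_DIR" "$1"
}

# Device side: ask the server to listen on the socket and forward each
# connection to the device's own sshd (assumed to be on localhost:22).
# Whether a stale socket file is replaced on reconnect is decided by
# StreamLocalBindUnlink in the server's sshd_config.
open_tunnel() {   # usage: open_tunnel <device-id> <user@server>
    sock=$(sock_path "$1") || return 1
    ssh -N -o ExitOnForwardFailure=yes -R "$sock:localhost:22" "$2"
}

# Server side: the socket is a byte stream to the device's sshd, so it is
# used as the transport. The host name is never resolved; HostKeyAlias
# stores each device's host key under its own id in known_hosts.
connect_device() {   # usage: connect_device <device-id> <deviceuser>
    sock=$(sock_path "$1") || return 1
    ssh -o ProxyCommand="socat - UNIX-CONNECT:$sock" \
        -o HostKeyAlias="$1" "$2@$1"
}
```

On a device this would be called as `open_tunnel device1 user@server`, and on the server as `connect_device device1 deviceuser`.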