As we discussed on my question, the question comes to this point:
Could we establish a TCP connection via UDP Hole Punching technique?
— Original Question / History —
I'm using the reverse tunnel feature of OpenSSH in order to connect to an SSH server that is behind a firewall.
Now I can connect to the server-behind-firewall machine by issuing
ssh me@my-known-server -p 12345
This way, all of my-laptop's traffic is routed to my-known-server, and my-known-server is routing this traffic to the server-behind-firewall machine. I think this is inefficient.
What I am looking for is a technique that will provide the same functionality but using BitTorrent's technique (which is, peers create UDP connections to the my-known-server (tracker) and send packets to each other directly).
Is there any way to achieve this functionality?
Edit:
Bittorrent connection is created via "UDP hole punching" technique.
Edit-2:
Apparently what I was looking for is making an SSH connection over "Hamachi" like software which uses NAT traversal technique.
Best Answer
ssh-p2p does exactly what you were trying to do: it creates a direct peer-to-peer SSH connection using RTCDataChannel/WebRTC as transport (which uses ICE NAT traversal for hole punching).
If either the client or the server is inside a really restricted network, the direct connection will fail. Usually, peer-to-peer connections fall back to using a proxy server (in the case of RTC, a TURN server), but ssh-p2p will just fail if a direct connection is not possible.
So, if ssh-p2p is failing to connect, you should use a proxy server. You can use the "reverse proxy" method that you described, or you can use a third-party proxy such as ngrok or serveo.
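The hole-punching sequence and the restricted-network failure described in the answer above, modelled as an added example (not part of the original answer and not ssh-p2p's code). The `Nat` class, the `punch` function, the addresses and the port-restricted filtering model are assumptions made for illustration; no real network traffic is sent.

```python
# Toy model of NAT behaviour (constructed for illustration; no network I/O).
class Nat:
    def __init__(self, public_ip, symmetric=False):
        self.public_ip = public_ip
        self.symmetric = symmetric
        self.mappings = {}    # mapping key -> public port
        self.allowed = {}     # public port -> remote endpoints the inside host has sent to
        self.next_port = 40000

    def outbound(self, src, dst):
        """Inside socket `src` sends to `dst`; return the public endpoint it leaves from."""
        # A cone NAT reuses one mapping per inside socket; a symmetric NAT makes one per destination.
        key = (src, dst) if self.symmetric else src
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        port = self.mappings[key]
        self.allowed.setdefault(port, set()).add(dst)
        return (self.public_ip, port)

    def inbound(self, remote, public_port):
        """True if a packet from `remote` to `public_port` is forwarded inside (port-restricted filter)."""
        return remote in self.allowed.get(public_port, set())

def punch(nat_a, nat_b):
    """Run rendezvous plus hole punch; return (a_hears_b, b_hears_a)."""
    server = ("203.0.113.10", 3478)                      # rendezvous server (documentation address)
    a, b = ("10.0.0.2", 5000), ("192.168.1.7", 5000)     # private sockets of the two peers
    # 1. Both peers register; the server observes their public endpoints.
    a_seen = nat_a.outbound(a, server)
    b_seen = nat_b.outbound(b, server)
    # 2. The server relays each endpoint to the other peer; both send to what they were told.
    a_src = nat_a.outbound(a, b_seen)
    b_src = nat_b.outbound(b, a_seen)
    # 3. Delivery needs the sender's real source endpoint to match a hole the receiver opened.
    return nat_a.inbound(b_src, a_seen[1]), nat_b.inbound(a_src, b_seen[1])

if __name__ == "__main__":
    print("cone <-> cone:     ", punch(Nat("198.51.100.1"), Nat("198.51.100.2")))
    print("cone <-> symmetric:", punch(Nat("198.51.100.1"), Nat("198.51.100.2", symmetric=True)))
```

In the symmetric case the port the rendezvous server observed is not the port the peer's direct packets leave from, so neither side's hole matches; this is the situation where a relay (TURN, or the reverse tunnel from the question) is needed.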