Timo Kilpilehto
2018-Mar-03 07:06 UTC
Reverse ssh tunnel bound to remote socket reserves the socket address after disconnect preventing reconnecting
Hi David,

Thanks for elaborating on why this happens. Cleaning the sockets myself seems the only viable solution right now. However, as in real life the remote sockets are created on the remote server and not on the local client side filesystem as in my mini sample, it's not quite as easy to delete them client side. Especially because the server has been configured to not allow clients to login or run any commands on the server. :)

So right now I'm monitoring open sockets using netstat in cron and cleaning up any of the clients' sockets not listed by netstat, which is a hack that seems to keep things reasonably healthy, but of course introduces potentially long delays for successful reconnections. Delays could be somewhat shrunk by running netstat in a faster loop inside a service.

Ideally though, my problem would be solved by making openssh do this on server side. It sounds like this might be something you'd be willing to do, how can I help? :)

All that is really needed is something like this when closing (if we are closing a socket bound to filesystem address):

    struct sockaddr_un name;
    socklen_t size = sizeof(name);

    memset((void *)&name.sun_path, 0, sizeof(name.sun_path));
    /* look up the path the socket is bound to and remove it before closing */
    if (getsockname(sock, (struct sockaddr *)&name, &size) == 0)
        unlink(name.sun_path);
    close(sock);

Regards,
Timo
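The behaviour described in the message above, as an added example that is not part of the original post and is not OpenSSH code: a UNIX-domain socket file outlives `close()`, so a second `bind()` to the same path fails with `EADDRINUSE` until the path is unlinked. The function names and the `/tmp` path are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Bind a new AF_UNIX stream socket to path; returns the fd, or -errno. */
static int bind_unix(const char *path)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX }; /* rest is zeroed */
    int rc, fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -errno;
    strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
    rc = bind(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0 ? fd : -errno;
    if (rc < 0) close(fd);
    return rc;
}

/* Close fd, first removing the filesystem path it is bound to, if any. */
static int close_and_unlink(int fd)
{
    struct sockaddr_un name = { 0 };
    socklen_t size = sizeof(name);
    if (getsockname(fd, (struct sockaddr *)&name, &size) == 0 &&
        name.sun_family == AF_UNIX && name.sun_path[0] != '\0')
        unlink(name.sun_path); /* unnamed and abstract sockets are skipped */
    return close(fd);
}

/* Bind, release (with or without cleanup), rebind: 0 or the rebind's errno. */
static int rebind_result(const char *path, int cleanup)
{
    int fd, fd2;
    unlink(path); /* start from a clean path */
    if ((fd = bind_unix(path)) < 0) return -fd;
    if (cleanup) close_and_unlink(fd); else close(fd);
    fd2 = bind_unix(path);
    if (fd2 >= 0) close(fd2);
    unlink(path); /* leave nothing behind */
    return fd2 < 0 ? -fd2 : 0;
}

int main(void)
{
    const char *p = "/tmp/rebind-demo.sock"; /* constructed sample path */
    printf("rebind after close():  %s\n", strerror(rebind_result(p, 0)));
    printf("rebind after cleanup:  %s\n", strerror(rebind_result(p, 1)));
    return 0;
}
```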
David Newall
2018-Mar-03 10:45 UTC
Reverse ssh tunnel bound to remote socket reserves the socket address after disconnect preventing reconnecting
Hi Timo,

I notice that ssh has a configuration option that's useful for you. According to ssh_config(5), StreamLocalBindUnlink is used to remove the UNIX-domain socket file before creating a new one. It defaults to no, so you want to set it to yes. I don't know when this option was implemented, but it's not in version 6.6p1 and it is in version 7.2p2.

Regards,
David