Reverse ssh tunnel bound to remote socket reserves the socket address after disconnect preventing reconnecting

Timo Kilpilehto timperoinen at
Fri Mar 2 19:40:56 AEDT 2018

Hi all,

I recently posted this question in unix stackexchange, but now figured
it might be better suited here.

The culprit of the problem is that I have clients trying to publish
certain services as unix sockets on a server through a reverse ssh
tunnel and should the connection break for any reason, say the client
reboots or crashes the tunnel will obviously break. I've set up the
server to ping on the client and the client to ping on the server and
according to logs the server does see that the client gets
disconnected and does some cleanup. However, for some reason the now
broken and unrecoverable socket is left around and when the client
tries to reconnect it can't because "Address already in use". Why
doesn't it clean up the sockets? Is this a bug? Feature? Could this be
fixed somehow? How to best overcome this?

Here's a mini sample demonstrating the basic problem in a local environment:
#!/usr/bin/env sh
if [ -e lol.socket ]; then rm lol.socket; fi
ssh -N -T -R $(pwd)/lol.socket: &
pid="$!"; sleep 1; kill $pid #tunnel dies
[ -e $(pwd)/lol.socket ] && echo 'Socket still exists!'
ssh -v -N -T -R $(pwd)/lol.socket: -o
"ExitOnForwardFailure yes" 2>&1 | tail -5

I've been using OpenSSH 7.4 client/server when testing this.

More information about the openssh-unix-dev mailing list