From b49300aed178af520827273e04429c3506968f74 Mon Sep 17 00:00:00 2001
From: Vincent Bernat <bernat@luffy.cx>
Date: Thu, 27 Dec 2012 21:46:52 +0100
Subject: [PATCH] ssh: add "rssh" for reverse-SSH command

---
 rc/ssh.zsh | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/rc/ssh.zsh b/rc/ssh.zsh
index 9ba6f608..5786556a 100644
--- a/rc/ssh.zsh
+++ b/rc/ssh.zsh
@@ -1,7 +1,6 @@
 # -*- sh -*-
 
-ssh() {
-    _vbe_title "$@"
+_vbe_ssh() {
     # TERM is one of the variables that is usually allowed to be
     # transmitted to the remote session. The remote host should have
     # the appropriate termcap or terminfo file to handle the TERM you
@@ -40,3 +39,28 @@ ssh() {
 	    ;;
     esac
 }
+
+ssh() {
+    _vbe_title "$@"
+    _vbe_ssh "$@"
+}
+
+# The following command implements a reverse SSH connection. This is
+# to connect to hosts behind a firewall, which can connect to your
+# machine but you cannot connect directly. The idea is that they issue
+# a TCP connection that you will use as a tunnel to access their SSH
+# port.
+#
+# I am using this to connect to VM using user-mode network (QEMU, KVM,
+# UML, ...).
+rssh() {
+    # We should probe for a free port, but is it easy?
+    local port
+    port=$((21422 + $RANDOM % 1000))
+
+    print "On remote host, use \`socat TCP:10.0.2.2:$port TCP:127.0.0.1:22\` to allow SSH access... "
+    _vbe_title "$@"
+    _vbe_ssh -o \
+        ProxyCommand="socat TCP-LISTEN:$port,bind=127.0.0.1,reuseaddr STDIO" \
+        "$@"
+}