Yes, I totally wish I could have this firewall-punching SSH feature as well (which Syncthing already has, i.e. doing away with the need for port forwarding on the firewall, or UPnP on the Syncthing server behind the firewall, or DynDNS to ensure a hostname leading to the SSH server running on a Syncthing server behind a firewall).
I absolutely love how Syncthing has basically done away with the need for such port-forwarding, UPnP, or DynDNS (for Syncthing nodes to find each other).
I agree that it’s not Syncthing’s job to improve the SSH servers of the world, but nonetheless, my burning use case for Syncthing (that has my SSH server jealous of Syncthing) goes like this:
Say I have a Syncthing server behind a firewall, and it’s in a remote location I don’t go to physically, and I don’t have a capable person at that remote site to remotely administer Syncthing for me. This remote Syncthing server is running the common and obvious OpenSSH server as well (for Linux), but port forwarding on the firewall and DynDNS are not set up (and OpenSSH doesn’t do UPnP).
I remotely try to “Add Device” for that firewalled Syncthing server, since I know the correct Device ID. But now someone needs to press the “Accept” button on the Web GUI on that remote Syncthing server behind the firewall! And I can’t reach that “Accept” button remotely, without creating a working SSH tunnel into that remote Syncthing server. Aargh.
So in summary, I wish OpenSSH would notice the awesome firewall-punching abilities which Syncthing has, and likewise do the same, thereby doing away with the need for port-forwarding, UPnP, and DynDNS for SSH, just as Syncthing has done away with it.