Sense opening outbound SSH tunnels



I was having some technical issues recently and noticed that Sense was doing something unexpected for IoT devices that I have in my house. Sense was attempting to open outbound SSH tunnels to a Sense AWS instance.

I was wondering what the purpose of these SSH tunnels is and why Sense needs them when all data sent via HTTPS to sense servers and AWS repositories?



Let me ask the team and get back to you.


Talked to the relevant support and engineering folks here.

When Sense Support is helping a customer work through technical issues, they sometimes need to track down and resolve configuration or other software problems on the Sense monitor. For most common issues – for example, CT configuration problems – we have automated tools Support can use to update the monitor.

For more unusual issues, however, sometimes the automated diagnostics and logs we have access to the Sense servers are not enough to figure out the problem. In these cases, we can ask the monitor to directly connect to our servers via SSH so that we can get access to the more detailed debugging information (stored only on the monitor) that we need to diagnose and resolve the issue. This ability is tightly restricted to a small group of Sense employees, used only when necessary, and all access to it is audited. Over time, as we gain knowledge from seeing more monitors in the field, we are adding automated tools to handle more classes of problems, further reducing the cases where we need to use this capability.

Please let me know if you have any further questions about this and I’ll do my best to answer.