How to design a CLI-based client for tunneling

[Utopiah]

The goal is to use HTTPS as a circumvention measure when SSH isn't typically possible (e.g blocking traffic on port 22, blocking non HTTPS traffic, etc) yet not being limited to SSH.

It is currently possible to connect via curl as a way to show that using the CLI is possible. It does not maintain the connection though nor allow another client (that wouldn't mind the incurred delays) to connect via it.

Related https://webssh.net/documentation/help/networking/vpn-over-ssh/

[billchurch]

Not really as the terminal stream is served over websockets.

You would need some sort of companion app to run on the client to do something like this.

Tailscale or something else is probably more appropriate.

[Utopiah]

As Tailscale is based on Wireguard and some VPN related traffic would be blocked in such a scenario I don't think it would help.

What would writing "some sort of companion app" entail? Becoming a WebSocket client? Would it be (relatively easily) doable via NodeJS?