diff --git a/bin/shell/osh.pl b/bin/shell/osh.pl
index 7d7da2b1f..71b8fb44b 100755
--- a/bin/shell/osh.pl
+++ b/bin/shell/osh.pl
@@ -371,6 +371,7 @@ sub main_exit {
     "interactive|i"   => \my $interactive,
     "netconf"         => \my $netconf,
     "wait"            => \my $wait,
+    "wait-port=i"     => \my $wait_port,
     "ssh-as=s"        => \my $sshAs,
     "use-key=s"       => \my $useKey,
     "kbd-interactive" => \my $userKbdInteractive,
@@ -1504,6 +1505,25 @@ sub main_exit {
     }
 }
 
+# if --wait-port is specified, we wait for the host specific port to be open before connecting
+if ($wait_port) {
+    my $startedat = time();
+    osh_info "Testing $host port $wait_port, will connect as soon as it's open...";
+    while (1) {
+        my @testportcmd = qw{ nc -w 1 -z -v -n };
+        push @testportcmd, $host, $wait_port;
+
+        my $fnretexec = OVH::Bastion::execute(cmd => \@testportcmd, noisy_stdout => 1, noisy_stderr => 1);
+        $fnretexec or exit(OVH::Bastion::EXIT_EXEC_FAILED);
+        if ($fnretexec->value->{'sysret'} == 0) {
+            osh_info "Open after waiting for " . (time() - $startedat) . " seconds, connecting...";
+            sleep 2 if (time() > $startedat + 1);    # so that ssh has the time to startup... hopefully
+            last;
+        }
+        sleep 1;
+    }
+}
+
 my $logret = OVH::Bastion::log_access_insert(
     account     => $self,
     cmdtype     => $telnet ? 'telnet' : 'ssh',
@@ -2001,6 +2021,7 @@ sub long_help {
     --always-escape      Bypass config and force the bugged behavior of old bastions for REMOTE_COMMAND escaping. Don't use.
     --never-escape       Bypass config and force the new behavior of new bastions for REMOTE_COMMAND escaping. Don't use.
     --wait               Ping the host before connecting to it (useful to ssh just after a reboot!)
+    --wait-port          Test the host specific port to be open before connecting to it
     --long-help          Print this
 
 [REMOTE_COMMAND]