Autossh Tunnel

WHY

Because I want remote access somewhere without others having access to that machine.

HOW

Create a user on your machine, set his public_key on his account ( ~/.ssh/authorized_keys ). Transfer the private key to THAT machine.

Change his login to /sbin/nologin, he doesn't need to get in your box, you need to get into his.

Also, on the remote machine, be sure to have your user with a key ( disable the password login ).

Install autossh on the remote machine.

autossh -M 5122 -R 1942:localhost:5522 user@192.168.1.95 -p 5522 -i .ssh/key -N

What these mean:

-M is the control port ( 5123 will be the echo port )

1942:localhost:5522 - means that it'll open port 1942 on YOUR machine and will forward everything to port 5522 on THAT machine ( I have ssh set on 5522 )

The rest is just ssh telling to go login with the user on host 192.168.1.95 on port 5522 ( yes, I have 5522 set up in sshd_config on both my and the remote machine ) with the private key and -N tells not to execute a command ( if it tries to .. it'll fail and disconnect because of /sbin/nologin )

After this, you can connect from your machine to localhost:1942 and safely do:

iptables -I INPUT -p tcp --dport 5522 -j ACCEPT

iptables -A INPUT -p tcp --dport -j DROP

Afterwards, you can just add this to your /etc/crontab