Reverse ssh tunnel for phone home servers on DHCP addresses.
In this example the Destination is puna-o-te-ki, dialed up on a 3G Vodafone mobile broadband modem. It gets a DHCP address AND is blocking ssh inbound. Our Middle server is an always-on server behind a NATed network, also on a DHCP WAN address. That WAN address is advertised via DynDNS so we know where to look for it. Our Origin is our laptop - anywhere in the world, also DHCP and NATed.

Create our .ssh/config file
    Host house
        HostName house.dyndns.com
        Port 2220
Create the ssh DSA key
    rossetti@puna-o-te-ki:~$ ssh-keygen -t dsa
Install it on the server in the middle
    rossetti@puna-o-te-ki:~$ ssh-copy-id -i ~/.ssh/id_dsa.pub house
Bring up the tunnel
    -R  reverse tunnel
    -N  no remote command
    -n  redirect stdin from /dev/null (required for backgrounding ssh)
    -T  disable pseudo-tty allocation
    rossetti@puna-o-te-ki:~$ ssh -nNT -R 22002:localhost:22 house
Test the tunnel
    rossetti@Wakatipu:~$ ssh localhost -p 22002
Set up client keepalive on the destination server.
    rossetti@puna-o-te-ki:~$ cat /etc/ssh/sshd_config
    TCPKeepAlive yes
    ClientAliveInterval 300
    ClientAliveCountMax 99999
Set up GatewayPorts on the middle server. This lets us connect straight through the middle server to the destination, without first logging in to the middle server over ssh and going on from there. You'll also need to forward our destination port on the middle server's router/firewall to the middle server.
    rossetti@Wakatipu:~$ cat /etc/ssh/sshd_config
    GatewayPorts yes
Test sshing in from our origin laptop
    whale:~ rossetti$ ssh house -p 22002
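A reconnect wrapper for the tunnel command above, as an added example that is not part of the original page. ServerAliveInterval and ServerAliveCountMax let the destination's ssh client notice a dead 3G link, and ExitOnForwardFailure makes ssh exit instead of idling when port 22002 cannot be bound on house. The timing values and function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. The host alias "house" and
# ports 22002/22 are the page's; timings and function names are assumed.
TUNNEL_HOST=house
REMOTE_PORT=22002
LOCAL_PORT=22
MAX_DELAY=300   # cap on the wait between reconnect attempts, in seconds

# Print the ssh command line used for the tunnel.
tunnel_cmd() {
    echo "ssh -nNT" \
        "-o BatchMode=yes" \
        "-o ExitOnForwardFailure=yes" \
        "-o ServerAliveInterval=60" \
        "-o ServerAliveCountMax=3" \
        "-R ${REMOTE_PORT}:localhost:${LOCAL_PORT} ${TUNNEL_HOST}"
}

# Double the delay after a failure, capped at MAX_DELAY.
next_delay() {
    d=$(( $1 * 2 ))
    if [ "$d" -gt "$MAX_DELAY" ]; then d=$MAX_DELAY; fi
    echo "$d"
}

# Reconnect loop. A session that lasted over a minute is treated as a
# link drop and the delay resets; quick failures back off.
run_tunnel() {
    delay=5
    while :; do
        start=$(date +%s)
        rc=0
        # Word splitting of the command string is intended here.
        $(tunnel_cmd) || rc=$?
        elapsed=$(( $(date +%s) - start ))
        if [ "$elapsed" -gt 60 ]; then
            delay=5
        else
            delay=$(next_delay "$delay")
        fi
        echo "tunnel exited rc=$rc after ${elapsed}s, retry in ${delay}s" >&2
        sleep "$delay"
    done
}

# Start the loop only when invoked as: sh tunnel.sh run
if [ "${1:-}" = "run" ]; then run_tunnel; fi
```

Run it on the destination (puna-o-te-ki) as the user that owns the key installed on house.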