ssh

Create a restricted user for SSH tunneling

<?php
$URL="https://raw.githubusercontent.com/panticz/scripts/master/create_ssh_tunnel_user.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo " 

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Add your public key(s)
cat /tmp/authorized_keys > /home/tunnel/.ssh/authorized_keys
sed -i 's|ssh-rsa|command="/bin/false",no-pty,no-X11-forwarding ssh-rsa|g' /home/tunnel/.ssh/authorized_keys

# parameter
command="/bin/false",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:80"
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding

Links
http://www.gnu.org/software/bash/manual/html_node/The-Restricted-Shell.html

Subscribe to ssh