tunnel
tunnel
user./home/tunnel/.ssh/authorized_keys
command="",restrict,port-forwarding
will restrict the access. If someone get physical access to the on-premisse server it will not be possible to allocate a TTY using the RSA key. /home/tunnel/.ssh/id_rsa
you copied from the tunnel server./home/tunnel/.ssh/id_rsa.pub
you copied from the tunnel server.PUT-YOUR-TUNNEL-SERVER-HOST-HERE
with your tunnel server host or IP.PUT-YOUR-TUNNEL-SERVER-HOST-HERE
with your tunnel server host or IP.