You want to connect your local machine to a server, so that you can use the tunnel to connect from the server to your local machine. This works without port forwarding in routers and often through firewalls.

local machine ———» starts reverse tunnel to the ———» server.

server ———» connects via the tunnel to the ———» local machine.

On the local machine execute:

ssh -p222 -nNTR 2223:localhost:22 username@90.123.23.11

where in this example

• 222 is the port of sshd on the server
• 2223 is the port on the server, that will be forwarded to the local port 22
• 22 is the port of sshd on local machine
• username is the username on the server, should have restricted rights.
• 90.123.23.11 is the ip address of the server

Again, with placeholders:

ssh -p<sshd port server> -nNTR <forwarded port server>:localhost:<sshd port local> <username>@<ip server>

To connect from the server to the local machine, that initiated the tunnel, use the following command on the server:

ssh -p2223 username@localhost

where

• 2223 is again the port, that was forwarded
• username in this case is a username on the former “local machine”, not on the server

Use autossh to keep your ssh tunnel alive, description of ports see above.

sudo apt-get install autossh
autossh -p222 -nNTR 2223:localhost:22 username@90.123.23.11

Use public key authentification and make an @reboot cronjob to automatically create the tunnel.