====== Incoming SSH tunnels with the XifNet ======

No UPnP on your network? Can't open NAT ports? Too bad... \\
Well, there is a solution: **SSH tunnels**. Let's see how.

__On your machine__:

  - ''ssh-keygen -t ed25519 -f .ssh/sshtun''
  - Copy your public key (''cat .ssh/sshtun.pub'')
  - Configure the distant machine (read below)
  - Start the service on port ''[XXX]''
  - Choose port ''[YYYY]'' for the service (''YYYY'' > 1024)
  - ''ssh -f -N -T -R[YYYY]:localhost:[XXX] sshtun@[disthost].net.xif.fr -o IdentityFile=~/.ssh/sshtun''
  - ''ioslaves-master [me] [disthost] -C --open-port=[YYYY]''
  - Enjoy: connect to the service at ''[disthost].net.xif.fr:[YYYY]''

__On the XifNet distant machine__:

  - ''useradd -m sshtun -s /bin/nologin''
  - ''sudo -u sshtun sh -c "cd ~ && mkdir -m 700 .ssh && nano .ssh/authorized_keys && chmod 600 .ssh/authorized_keys"''
    * In ''authorized_keys'': add ''no-pty,no-agent-forwarding ssh-ed25519 [the_key] [the_host]''
  - Edit ''/etc/ssh/sshd_config'' and set
    * ''GatewayPorts yes'' to enable listening on the ''*'' interface
    * ''PermitTunnel yes''
  - ''systemctl restart sshd''

And then admire your work with ''lsof -Pi''.

__Note__: ''sshtun@nashorn.net.xif.fr'' is already configured this way.
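
An added example, not part of the original page: a small shell check that reads effective sshd settings in ''sshd -T'' format and flags what the setup above leaves wider than a ''-R''-only account needs. Both sample inputs and port ''2222'' are constructed, and the ''Match User sshtun'' scoping they describe is an assumption, not the XifNet configuration.

```sh
#!/bin/sh
# Added example, not from the original page: audit effective sshd settings.
# stdin: "keyword value" lines in the format printed by `sshd -T`.
# $1: "global" (server-wide view) or "tunnel" (the sshtun account's view).
# Prints one line per finding; returns 1 if anything was flagged, else 0.
audit_sshd() {
    local scope="$1" key val want rc=0
    while read -r key val; do
        case "$scope:$key" in
            global:gatewayports) want=no ;;            # wildcard binds belong in a Match block
            *:permittunnel) want=no ;;                 # tun(4) forwarding, unused by -R
            tunnel:allowtcpforwarding) want=remote ;;  # remote forwards only
            tunnel:x11forwarding|tunnel:allowagentforwarding|tunnel:permittty) want=no ;;
            tunnel:permitlisten)
                [ "$val" != any ] && continue          # already pinned to specific ports
                want="fixed port list" ;;
            *) continue ;;
        esac
        [ "$val" = "$want" ] && continue
        echo "$key $val (want: $want)"
        rc=1
    done
    return "$rc"
}

# Constructed sample: the page's setup as seen by the sshtun account
# (GatewayPorts yes, PermitTunnel yes, everything else at OpenSSH defaults).
PAGE_SETUP='gatewayports yes
permittunnel yes
allowtcpforwarding yes
permitlisten any
x11forwarding no
allowagentforwarding yes
permittty yes'

# Constructed sample: same tunnel, settings scoped under "Match User sshtun"
# (assumed layout); 2222 is a placeholder for the chosen [YYYY] port.
HARDENED='gatewayports yes
permittunnel no
allowtcpforwarding remote
permitlisten 2222
x11forwarding no
allowagentforwarding no
permittty no'

echo "page setup, tunnel account:"; printf '%s\n' "$PAGE_SETUP" | audit_sshd tunnel || true
echo "page setup, global:";         printf '%s\n' "$PAGE_SETUP" | audit_sshd global || true
echo "hardened, tunnel account:";   printf '%s\n' "$HARDENED" | audit_sshd tunnel && echo "no findings"
```

On a live host, pipe ''sshd -T'' into the ''global'' check and ''sshd -T -C user=sshtun'' into the ''tunnel'' check. Per-key options in ''authorized_keys'' do not appear in ''sshd -T'' output, so review that file separately.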