on the target server create an account that can’t run anything
sudo useradd tether -m -s /bin/true
then create the autossh service of the source and exchange sshkeys
/etc/systemd/system/autossh.service
[Unit]
Description=AutoSSH tether
After=network.target
[Service]
Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -N -M 0 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=180" -o "ServerAliveCountMax=3" -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/tether/id_ed25519 -R 0.0.0.0:10022:127.0.0.1:22 -R 0.0.0.0:43389:10.20.22.44:3389 -R 0.0.0.0:1443:10.20.22.41:443 -R 0.0.0.0:9443:10.20.22.99:443 tether@ssh.steveborba.com
Restart=always
[Install]
WantedBy=multi-user.target