Something like : Person trynig to help : - give troublemaker an account on your box (think of giving it a restricted shell) - tell them to login using the below, then do : ssh root at localhost -p randomPort Person in trouble : (Opens tunnel between boxes) ssh -R randomPort:locahost:22 user at remoteBox David. -- David Goodwin http://codepoets.co.uk/