You are asking it to listen on your local port 22 and forward connections to a remote system's port 8090. You can't do that, because your local port 22 is already taken by your local SSH server.
I think what you are looking for is remote forwarding. Replacing -L 22:localhost:8090
with -R 8090:localhost:22
will tell the remote host to listen on port 8090 and forward requests to your SSH server.
If you are leaving the connection running so you can get in later from a remote site, then you are going to want to make sure the connection doesn't time-out due to inactivity by adding the relevant options (-o TCPKeepAlive=yes
or -o ServerAliveInterval=30
)
So you'll end up with something like:
ssh -N user@my_server -R 8090:localhost:22 -o ServerAliveInterval=30
Also, if one of the network hops between you and the server is down at any point, the connection will drop despite any KeepAlive options you specify, so you might want to add this command to inittab, or look into the daemontools package or your distro's equivalent , so that it always starts on boot and is restarted when it exits for some reason other then system shutdown (or you could run it from a shell script that loops infinitely, but init or daemontools are cleaner solutions).
I wanted to comment on this yesterday but backed off waiting for someone more knowledgeable in this particular setup. Working from what you have said you can setup multiple users on the same account by having separate keys each setup to a different command structure. I,e user Bob would have a key
command="svnserve -t --tunnel-user=Bob -r /home/ownername/" ssh-rsa A...eQ== laptoplogin@laptop
and Jane would be
command="svnserve -t --tunnel-user=Jane -r /home/ownername/" ssh-rsa someother..eQ== laptoplogin@laptop
Now by the same logic you could set up a third shared key between you that just executes bash, or share the account password to login without keyless ssh and get access to the shell.
That being said, on an aside, you may just want to take a look at Mercurial or Git, both of which make centrally hosted development on a repository dead-simple and are far more powerful and flexible than svn.
Best Answer
Yes, just use
/bin/false
as shell and instruct the user to start the tunneling SSH process without executing any remote command (i.e. the-N
flag for OpenSSH):