I test that we can configure a ssh server to let a specific user, say 'demo' to login without any password with below configuration
I have also configured this user to have no access to shell and change shell in /etc/passwd
for user demo. I would like to understand security concern while I have this config in place. I simply want to use this user for port forwarding purpose and also I do not want to use public/private key for this purpose.
Or is there a way that I can have a ssh-server configured to use port forwarding and ssh client need not to use any user or password?