If you set it up correctly, identifying each and every host to the remote side by its RSA key, then you don't have to type username/password ever. I have reverse SSH tunnels set up for various servers and all work perfectly with the keys, no need for other identification. If you use as you call it a 'man in the middle server' to centralize your tunnels/connections, then you'll need to add the key generated on that server on all your hosts and the keys of the hosts need to be added to the remote server. From your PC you'll only have to add your key to the 'man in the middle' server. That is if I understood how you've set it up.
If you've set it up working with keys from your PC to the 'man in the middle' machine and from there to your hosts, then you could use the ProxyCommand available in SSH to access the remote host without the need to login to the 'man in the middle' server.
Last edited by EricTRA; 07-27-2011 at 03:54 AM.