diff --git a/softwares/secure_tunnel.sls b/softwares/secure_tunnel.sls
new file mode 100644
index 0000000..be2a410
--- /dev/null
+++ b/softwares/secure_tunnel.sls
@@ -0,0 +1,24 @@
+{% if grains['kernel'] == 'Linux' %}
+ {% set KEY_NAME = 'secure_ssh_tunnel' %}
+ {% set ANS_REMOTE_USER = salt['grains.get'](ANS_REMOTE_USER) %}
+ {% set ANS_REMOTE_PORT = salt['grains.get'](ANS_REMOTE_PORT) %}
+ {% set ANS_ADDR_TARGET = salt['grains.get'](ANS_ADDR_TARGET) %}
+ {% set ANS_PORT_TARGET = salt['grains.get'](ANS_PORT_TARGET) %}
+ {% set ANS_REMOTE_USER = salt['grains.get'](ANS_REMOTE_USER) %}
+ {% set ANS_TARGET_USER = salt['grains.get'](ANS_TARGET_USER) %}
+
+generate_ssh_key_{{ANS_REMOTE_USER}}:
+ cmd.run:
+ - name: ssh-keygen -q -N '' -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
+ - runas: {{ANS_REMOTE_USER}}
+ - unless: test -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
+
+secure_tunnel_systemd_file:
+ file.managed:
+ - source: salt://templates/secure-tunnel.service
+ - name: /etc/systemd/system/secure-tunnel.service
+ - user: root
+ - group: root
+
+
+{% endif %}
\ No newline at end of file
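Review bot: The `grains.get` calls in the `{% set %}` lines pass bare names such as `salt['grains.get'](ANS_REMOTE_USER)`, which Jinja reads as variables that nothing in this file defines, so the lookups will most likely fail at render time or come back empty. The keys should be string literals, e.g. `{% set ANS_REMOTE_USER = salt['grains.get']('ANS_REMOTE_USER') %}`, and the second, duplicated ANS_REMOTE_USER line can be dropped. The value is then interpolated unquoted into the `cmd.run` name, `runas` and `unless`, so an empty or unexpected value changes which account and path the passphrase-less key is generated for. Because grains are reported by the minion itself, pillar would be a safer source for these settings, and the key-generation state should be skipped when the user is empty. The `file.managed` state for the unit also sets no mode; `- mode: '0644'` would pin it.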