diff --git a/setup_tunnel.sh b/setup_tunnel.sh
new file mode 100644
index 0000000..cec6d56
--- /dev/null
+++ b/setup_tunnel.sh
@@ -0,0 +1,116 @@
+#!/bin/bash
+set -e
+OS_KEYPAIR_NAME=ovh_$(hostname -s)
+OS_MACHINE_NAME=gbv
+SERVER_RUNNING=false
+
+function int_hdl(){
+if $SERVER_RUNNING; then
+echo "Deleting machine..."
+OPENSTACK_RESPONSE="$(openstack server delete --wait $OS_MACHINE_NAME)"
+until [ "$OPENSTACK_TERMINATION_RESPONSE" = '[]' ]
+do
+echo "Waiting for termination..."
+sleep 10
+OPENSTACK_TERMINATION_RESPONSE="$(openstack server list -f json)"
+echo "OpenStack said:"
+jq <<< $OPENSTACK_TERMINATION_RESPONSE
+done
+fi
+}
+
+trap int_hdl SIGINT
+source openrc.sh
+
+#
+# Prerequisites
+#
+if ! command -v ipcalc-ng &>/dev/null
+then
+echo >&2 "ipcalc-ng is required. Exiting."
+exit 1
+fi
+if ! command -v openstack &>/dev/null
+then
+echo >&2 "openstack is required. Exiting."
+exit 1
+fi
+if ! command -v nova &>/dev/null
+then
+echo >&2 "nova is required. Exiting."
+exit 1
+fi
+if ! command -v ssh &>/dev/null
+then
+echo >&2 "ssh is required. Exiting."
+exit 1
+fi
+if ! command -v ssh-keygen &>/dev/null
+then
+echo >&2 "ssh-keygen is required. Exiting."
+exit 1
+fi
+if ! command -v jq &>/dev/null
+then
+echo >&2 "jq is required. Exiting."
+exit 1
+fi
+
+#
+# Upload key material
+#
+if [ ! -e ~/.ssh/id_ovh ]
+then
+echo "Generating SSH key..."
+ssh-keygen -f ~/.ssh/id_ovh
+fi
+echo "Checking for SSH key in OpenStack..."
+openstack keypair list|grep -q $OS_KEYPAIR_NAME
+RESULT=$?
+if [ $RESULT -eq 1 ]; then
+echo "Uploading SSH key to OpenStack..."
+nova keypair-add --pub_key ~/.ssh/id_ovh.pub $OS_KEYPAIR_NAME
+fi
+#
+# Get flavor and image
+#
+echo "Gathering image and flavor information..."
+FLAVOR_PRESEL="$(openstack flavor list -f json|jq -r '.[]|select(.Name=="s1-2")')"
+echo "Selected this flavor:"
+jq <<< $FLAVOR_PRESEL
+FLAVOR="$(jq  -r '.ID' <<< $FLAVOR_PRESEL)"
+IMAGE_PRESEL="$(openstack image list -f json|jq -r '.[]|select(.Name=="Debian 10")')"
+echo "Selected this image:"
+jq <<< $IMAGE_PRESEL
+IMAGE="$(jq -r '.ID' <<< $IMAGE_PRESEL)"
+echo "Creating server..."
+openstack server create --image $IMAGE --flavor $FLAVOR --wait --key-name $OS_KEYPAIR_NAME $OS_MACHINE_NAME
+SERVER_RUNNING=true
+
+#
+# Extract IPv4 address
+#
+SERVER_IPS="$(openstack server show gbv -f json|jq -r .addresses)"
+SERVER_IPS="${SERVER_IPS##Ext-Net=}"
+read -a SERVER_IPS <<< $SERVER_IPS
+SERVER_IPS[0]="${SERVER_IPS[0]%%,}"
+ipcalc-ng -c4 ${SERVER_IPS[0]} &>/dev/null
+IS_IPV4=$?
+if [ $IS_IPV4 -eq 0 ]
+then
+SERVER_IP=${SERVER_IPS[0]}
+else
+SERVER_IP=${SERVER_IPS[1]}
+fi
+echo "Server reachable on $SERVER_IP."
+#
+# Open tunnel
+#
+echo "Waiting 30 seconds for setup completion..."
+sleep 30
+echo "Opening tunnel on socks://localhost:23406..."
+
+trap - SIGINT
+ssh -D 23406 -i ~/.ssh/id_ovh -o StrictHostKeyChecking=no -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null -N debian@$SERVER_IP
+echo "Tunnel closed. Destroying server..."
+int_hdl