Show HN: I made my Raspberry Pi a secret phone homing server (tunnelsup.com)
139 points by xs on June 17, 2013 | 32 comments



These things are fun, and certainly not new. You can buy devkits that already look quite unobtrusive: http://en.wikipedia.org/wiki/SheevaPlug

The one in this article looks like a fire hazard. I guess that's one way to cover your tracks :P


Get discovered? Fire off a forkbomb!


A few suggestions:

SCP'ing the public key directly to ~/.ssh/authorized_keys could overwrite the file if it already exists. It's better to use 'ssh-copy-id', which takes care of everything for you. Most distros should have it already.

Autossh can take care of setting up, monitoring, and restarting the tunnels for you. Arguments are almost exactly the same as ssh, just toss it into your crontab and have it run @reboot.


Actually you can write a nice little script that treats autossh like a daemon and restarts it if it crashes.

I did something like that on Arch Linux.

Also it's probably a good idea to give it a user with limited permissions on the server it's connecting back to so if somebody finds it they can't just use it to hack your box.


Setting I2P up on the RPi then setting ssh up to listen on an I2P hidden service on the RPi would be better than the method shown. That way if the device is discovered it would be impossible to trace back the actual IP address of the person connecting to it and an adversary obtaining your ssh key won't be able to log into any of your servers.

Check out this presentation from DerbyCon about using a cheap NAS to do something similar: http://www.youtube.com/watch?v=dxdm86r26Co Irongeek has a writeup about the same thing here: http://www.irongeek.com/i.php?page=security/svartkast-pogopl... and some instructions to do it specifically on an RPi: http://www.irongeek.com/i.php?page=security/raspberry-pi-i2p...


A tor hidden service with ssh is a great way to set up a reverse tunnel:

https://www.torproject.org/docs/hidden-services.html.en


For the purpose of physical drop boxes, there are much better tools than a Pi. For example this one http://wiki.openwrt.org/toh/tp-link/tl-wr703n is cheaper (< $20), smaller, much more power efficient, and comes with WiFi! Strip the wrapping plastic box and you can hide it practically anywhere with batteries powering it for days.


Is the power adapter board sitting on top of the Pi? They should be separated by some panel to avoid short circuits and/or feeding mains power into it. It looks like there's enough space too.


Some tape would suffice too.


I disagree, tape isn't that reliable for covering larger areas with sharp and uneven surfaces. Plus, it tends to peel off by itself when heated. Should be better to just secure the two boards apart from each other at opposite ends of the case.


Thanks for the tip! I guess covering my tracks with a fire isn't a good option.


Self-fusing silicone tape would be an adequate solution, I would think, esp. if you wrapped a couple of times.


Here's a similar project based on another similar project that's been around for quite some time: http://penturalabs.wordpress.com/2013/04/25/blue-for-the-pin...

Original project: http://hakshop.myshopify.com/products/wifi-pineapple


"Now I am on a computer in someone elses network. Woohoo! Now I can do remote tech support more effectively."

Great line. Now, if only the NSA were as helpful with its remote tech support.


Cool project, I've thought about doing something similar and bought a gumstix for roughly this reason before the Pis were out (although power is harder to figure out on Gumstix).

Slightly ominous line: "I have this plugged into an office somewhere."


This "attack vector" is relying on the fact that you get physical access to the target's router/switch, so you can connect to the network and I think network admins would spot an extra PSU in their networking closet pretty fast.

Which started me thinking... What if you would build an RPi or similar small device into a router's casing and made it act like a router at the same time. Obviously you'd have to have some way of copying configs over from the old box to the impostor box, but it could be harder to spot since there wouldn't be any extra hardware.


eh, when you have people sleeping in cupboards and other people hiding laptops in cupboards I'd say it depends on the network.

(http://www.economist.com/news/obituary/21569674-aaron-swartz...)


And if the company has a competent security team, they're going to find this quickly and bring in Terremark or Solutionary or another forensics company. It won't be long before you're found, especially if you hit a compliance network.



Nice, now I can read all those memos/meeting reminders from the comfort of home.


Someone who finds the brick can ssh into his server... that seems weird.


You should be able to limit the account that it's ssh-ing into so that it's just used for the tunnel. Or if you're really paranoid, limit the entire thing to a dedicated virtual machine.
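The two server-side points raised in this thread (not overwriting an existing `~/.ssh/authorized_keys`, and limiting the connecting account to the tunnel only) combined in one sketch. This is an added example, not part of any comment or of the linked article; the function name, key text, paths and port are hypothetical, and the key options are standard OpenSSH `authorized_keys` options that need a recent OpenSSH server.

```shell
#!/bin/sh
# Added example: append a tunnel-only key to authorized_keys.
# Never overwrites the file, is safe to run twice, and pins the key to
# one remote-forward port with no shell, PTY, agent or X11 forwarding.

add_restricted_key() {
    auth_file=$1   # authorized_keys of the dedicated, unprivileged tunnel account
    pubkey=$2      # one "type base64 comment" line from the client's .pub file
    port=$3        # the only port this key may bind with ssh -R

    # Reject anything that could smuggle in a second, unrestricted key line.
    nl='
'
    case $pubkey in *"$nl"*) echo "key must be a single line" >&2; return 2 ;; esac
    case $port in ''|*[!0-9]*) echo "port must be numeric" >&2; return 2 ;; esac

    blob=$(printf '%s\n' "$pubkey" | awk '{print $2}')
    [ -n "$blob" ] || { echo "malformed public key" >&2; return 2; }

    # sshd ignores the file if the directory or file is writable by others.
    dir=$(dirname "$auth_file")
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$auth_file" && chmod 600 "$auth_file"

    # Idempotent: leave the file alone if this key is already present.
    if grep -qF -- "$blob" "$auth_file"; then
        return 0
    fi

    # restrict        : turn every capability off
    # port-forwarding : turn forwarding back on
    # permitlisten    : allow a remote-forward listener on this port only
    # command         : any attempt to run a command gets /bin/false
    opts="restrict,port-forwarding,permitlisten=\"localhost:$port\",command=\"/bin/false\""

    # Append (>>), never redirect with > or copy over the file.
    printf '%s %s\n' "$opts" "$pubkey" >> "$auth_file"
}
```

The client then has to connect with `ssh -N`, since any command or shell request is answered by `/bin/false`.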


443 is a better outgoing port since https is rarely going to be blocked



The use of physical drop boxes placed behind a firewall is nothing new. There is in fact a specific Linux distro for the Raspberry Pi targeted at this use case (see pwnpi.sourceforge.net). It comes packaged with a large suite of penetration testing tools. While building from scratch is a useful exercise for engineers, reinventing the wheel does not merit much attention.


You're right, we should discourage people who are actually building things from posting (even if it's nothing earth shattering) and instead encourage folks to post more regurgitated NSA articles and Wikipedia links about cryptography standards or secret government projects.


While I use backtrack frequently I found the pwnpi distribution to be lacking in many things and actually ditched it to complete this project. Perhaps I'll revisit that distro again when it becomes better.


What was it missing?


Some of the programs that it said were supposed to be installed were not. Very little documentation exists to get familiar with that distribution.


This would have been an excellent comment if you had just left off the last sentence.


And the first sentence. The middle bit, useful.


Reinventing the wheel teaches people how to invent and how to create. Everyone, especially young adults, should be encouraged to reinvent the wheel.



