A method of establishing a secure communication channel between end nodes of an IP communication network via one or more intermediate nodes using the Secure Shell, SSH, protocol, the method comprising defining an SSH configuration file containing a plurality of sections, each section defining parameter values for a corresponding hop of the tunnel and an identification of the section defining parameter values for any subsequent hop. At that end node, a first instance of an SSH client is established, with the name of the configuration file being an initialization value for the first instance, and using the parameter values contained in a first section of the configuration file to establish a first SSH connection to the next node in the sequence. Following establishment of said first SSH connection, one or more further instances of the SSH client are established, with an identification of said configuration file and an identification of a corresponding section of the configuration file being an initialization value for an SSH instance, the or each further instance using the parameter values contained in the corresponding named section of the configuration file to establish an SSH connection to a subsequent node in the sequence over the already established SSH connection(s).