Reach computer behind a NAT or Proxy

1

I have a home PC connected through a two-way satellite modem. I can't reach it from outside, so after some research I found a solution, which is reverse SSH tunneling, but I have a few questions regarding the SSH.

I have a server, and I would like to make a reverse connection, after which I can use port forwarding so I can connect to the HOME PC using the established reverse connection. My question is: if I create a public key to establish a connection between the HOME PC and the server, is it afterwards possible to log in to this server from a different PC using the password instead of the public key?

I would like to write a script (cron job) which establishes the SSH connection, so after 30 minutes it will check if the connection is broken or not; if it's broken, then it will re-establish the connection. How can I check whether the SSH connection is still open?

OHLÁLÁ

Posted 2012-03-09T19:06:25.083

Reputation: 141

Answers

2

SSH can be configured to accept both a public key and a password. I haven't disabled the lengthy and arduous password I set up on my SSH servers just in case I lose the keyfiles.

If you are using the ssh client to establish the connection, it exits when the connection is terminated. You can either store the PID of the ssh client when you launch it and check to see if that same PID is running, or call ssh from a script without exiting the script, and use while (assuming bash) to set up an infinite loop to call ssh over and over each time it terminates. init is explicitly designed for this so you might look into that as well.

LawrenceC

Posted 2012-03-09T19:06:25.083

Reputation: 63 487
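As an added example (not from the answer above or from the OpenSSH project), here is the PID-based check LawrenceC describes, written as a small POSIX sh watchdog that cron can run every 30 minutes. The hub host name, the account on it, the remote port and the PID file path are all assumptions to be adjusted; the ssh options are standard OpenSSH client options.

```shell
#!/bin/sh
# Added example (not from the thread): a cron watchdog for a persistent reverse
# SSH tunnel. Host name, user, port and PID file path are assumptions.

HUB_USER="${HUB_USER:-tunneluser}"          # account on the public hub (assumed)
HUB_HOST="${HUB_HOST:-sshhub.example.org}"  # public SSH hub (assumed)
REMOTE_PORT="${REMOTE_PORT:-8022}"          # port opened on the hub's loopback
PIDFILE="${PIDFILE:-/var/run/reverse-tunnel.pid}"

# tunnel_alive PIDFILE: succeed only if the file names a live process.
# "kill -0" sends no signal; it only checks that the PID exists and that we
# are allowed to signal it (a PID owned by another user counts as not ours).
tunnel_alive() {
    pidfile=$1
    [ -r "$pidfile" ] || return 1
    pid=$(cat "$pidfile")
    case $pid in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric content: treat as dead
    esac
    kill -0 "$pid" 2>/dev/null
}

# start_tunnel: open the reverse forward (hub loopback:8022 -> home:22).
# ExitOnForwardFailure makes ssh exit instead of idling when the hub refuses
# the remote port, so the watchdog sees a dead process rather than a tunnel
# that is "up" but useless. ServerAlive* lets ssh notice a silently dropped
# satellite link after about 30 s. BatchMode stops it hanging on a prompt.
start_tunnel() {
    ssh -N \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=15 \
        -o ServerAliveCountMax=2 \
        -o BatchMode=yes \
        -R "127.0.0.1:${REMOTE_PORT}:localhost:22" \
        "${HUB_USER}@${HUB_HOST}" &
    echo $! > "$PIDFILE"
}

# Entry point for cron: only (re)start when the previous ssh is gone.
main() {
    if tunnel_alive "$PIDFILE"; then
        echo "tunnel up (pid $(cat "$PIDFILE"))"
    else
        echo "tunnel down, restarting"
        start_tunnel
    fi
}

# Act only when explicitly asked; sourcing the file just defines the functions.
if [ "${TUNNEL_WATCHDOG_RUN:-0}" = "1" ]; then
    main
fi
```

A crontab line such as `*/30 * * * * TUNNEL_WATCHDOG_RUN=1 /usr/local/bin/tunnel-watchdog.sh` (path assumed) gives the 30-minute check from the question; autossh, as the other answer notes, does the same job continuously without cron.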

2

I am not sure if I am answering your question, but I feel there is a brick missing in what you intend to do, so I will add the missing link, at the risk that this was not your question.

What you intend to do is possible with SSH and not that difficult to set up, but let me start with a disclaimer: SSH tunneling is illegal in many work environments and can get you fired, even if your purpose is to reach your own home server with data/backups.

In order to reach, let's say, the server at home ("home") behind your ISP's NAT from a laptop on a public network, say an internet cafe ("laptop"), you would do the following.

First you need an SSH server running which is reachable on the public internet ("SSHhub").

Connect "home" permanently with "SSHhub" and remote forward a port from "SSHhub" to your "home" server. Take a look at autossh to make sure that the connection persists if you are away and check the sshd_config man page to get the remote forwarding right. On your home machine you start

autossh -M 0 -Nf SOCKSUSER@SSHHUB -R 8022:localhost:22

This will forward port 8022 on the public SSHhub server to your home server's SSH port 22.

Now you are sitting in an internet cafe with your laptop and local forward some unrestricted port to the SSHhub on port 8022 (using the above example). So on your laptop you start

autossh -M 0 -Nf SOCKSUSER@SSHHUB -L 8122:localhost:8022

When this is configured you can SSH into your home machine from your laptop by starting

ssh SOCKSUSER@localhost -p 8122

The SSH session is forwarded from localhost:8122 on your laptop to localhost:8022 on the SSHhub and from there to localhost:22 on your home server.

You will be asked for the account password. All this will give you some headaches with having both a public key from the laptop and the home server in the .ssh/authorized_keys file of the SSHhub. PasswordAuthentication no in the /etc/ssh/sshd_config file should be ok, since you are logging in from inside the localhost, but check it yourself. You might want to set it to yes while debugging.

Check the autossh manpage for the -M 0 option. This will "ping" the SSH server through the encrypted tunnel; otherwise you have to configure monitoring ports with the -M option. -M 0 requires that you set the ServerAlive variables in the .ssh/config file like so

ServerAliveInterval 15
ServerAliveCountMax 2
TCPKeepAlive no

You can have them also inline I think.

Now I can answer your original question: Is it possible to log in to your home machine behind NAT without an RSA public key on the laptop/internet cafe machine? The answer is "yes" (as far as I remember) in the above scenario, when you permit PasswordAuthentication yes on the SSHhub, so that you can connect from any machine (having an SSH client available) to the SSHhub.

Very late and probably wrong answer, but I used some time to figure it out and I guess others are wondering about it, too.

Reinhard Seifert

Posted 2012-03-09T19:06:25.083

Reputation: 83

-1

Not answering your exact question, but you'll solve the problem with products like neorouter... Really easy to set up and handles just about any firewall config.

Mattias Åslund

Posted 2012-03-09T19:06:25.083

Reputation: 1 283