In any case it’s much, much safer to (also) use Whonix locally before connecting to any server.
To SSH to any remote server adds new risk.
If the remote server cannot be trusted (which server can nowadays?), and you’re not connecting there anonymously, you might not be anonymous at all. Using a remote server also creates the problem how to anonymously pay the server, see:
What you call
Whoix-Gateway in a box could be one combined server? Assuming yes. Rephrasing your question:
How to SSH into Whonix-Gateway? And answering that.
We don’t have that documented unfortunately.
- learn about onion services generally
- install an onion v3 service on your local computer
- learn how to SSH into your local computer’s onion v3 service (this exercise can also be done inside a VM)
(no port forwarding required)
By applying the same on a Whonix-Gateway you should be able to SSH into Whonix-Gateway. Bo port forwarding required since Tor makes it look like the incoming connection is coming from localhost. And Tor itself does not require open ports as a client. And Tor itself does not even require open ports for onion services.
What you call
Whoix-Gateway in a box could be one combined server? Assuming no. Well, not much different than above. You’ll still need an ssh server installed on Whonix-Gateway.
SSH-Server could be a Whonix-Workstation. Similar to above you can also SSH into Whonix-Workstation. To do that: don’t try to exercise this on a server for the first time. Start exercising using Whonix locally without any remote servers involved. Exercise hosting an onion webserver as per https://www.whonix.org/wiki/Onion_Services. Then exercise setting up an onion ssh server which would be very similar. Once you learned how to do this, you can also replicate it on a remote server.
But last comes to mind a bit late… For a Whonix-Gateway / Whonix-Workstation on a server… At which provider are you actually able to do that? Rhetoric question. Probably on root servers only. But where can you buy a root server anonymously that allows connection from Tor? Seems futile.