I love SSH's port mapping features. They're a bit complex to figure out, but they can prove to be very handy.
Once, I was updating a friends Fedora installation but I had to head home... He was behind a firewall and so I wouldn't be able to do remote access, even though sshd was running. Port mapping to the rescue! I logged in via SSH to my home machine and mapped his port 22 to a port on my local machine, so when I got home I was able to ssh to localhost and thereby get into his machine.
I've come up with my favourite SSH command that combines a few tricks - it goes as follows:
ssh -p port -l username hostname.or.ip -L lport:localhost:rport -D proxyport
I'll run through it step-by-step:
ssh -p port -l username hostname.or.ip
This instructs SSH to connect to hostname.or.ip on port as username.
This maps rport on the remote machine to lport on localhost (aka the machine you're currently using). Essentially, connection to port lport on localhost is the same as connecting to the remote host on port rport. It's very useful for mapping services running on the remote machine (such as VNC) to the local machine over a secure channel.
This makes SSH act as a SOCKS 4 proxy on localhost using port proxyport, which is needed for allowing traffic on ports which would otherwise be blocked (ie BitTorrent, FTP, POP, SMTP, etc in places that only allow traffic on port 80)
ssh -p 22 -l me myhost.homelinux.net -L 5905:localhost:5900 -D 5678
This maps the VNC screen :0 on myhost.homelinux.net (port 22, username "me") to the local VNC screen :6, and makes a SOCKS proxy on port 5678. If I connect to localhost:5906, it's the same as connecting to myhost.homelinux.net:5900 except thanks to SSH everything passes through an encrypted channel!