The ssh ProxyCommand option is just really insanely useful. The reason I want to use it is that it makes it easy to tunnel ssh through a firewall. So for example you have a machine on your corporate network that is is sitting behind a firewall, but you have a login to the firewall. Now of course you could just do:
laptop$ ssh gateway gateway$ ssh internal internal$
or something like:
laptop$ ssh -t gateway ssh internal internal$
But that really doesn't work very well if you use scp or sftp or some other service like revision control that runs on top of it. This is where you can use ProxyCommand option to make your life easier. Basically you want to put something like this into you .ssh/config:
Host internal
ProxyCommand ssh gw nc -w 1 internal 22
For this to work you will need netcat (nc) installed on the gw, but that generally isn't too much of a problem. Now you can transparently ssh, scp or whatever to internal, and ssh deals with it.
Now of course if you can't get into the network full stop, you need some reverse tunneling tricks and some other host on the interweb which you can use to tunnel through. So something like:
ssh -f -nNT -R 1100:localhost:22 somehost
Will setup a remote tunnel, which basically means if you connect to
port 1100, it will be forwarded to port 22 on the machine on which you
ran ssh -R. Unfortunately unless you have full control
over the host you are creating the reverse tunnel too, you will find
that port 1100, will only be bound to localhost, which means you will
probably still need to use the trick mentioned above to get seemless
access to it.