Punching holes in Firewalls

It is a lot easier than you think.

OpenSSH, which can only be described as the best utility of all time, is quite a versatile tool. One feature people use frequently is port forwarding. This allows you to open a port on your computer that forwards the data over the SSH connection to the destination you specify, which is very useful when you need access to an intranet web server and don't have a proper VPN set up, for example. However, SSH can also do this in reverse! It opens a listening port on the remote machine, which then relays data to the destination you specify. For example, you can SSH into a remote host and get SSH to open a port on that host which relays data back to the SSH port on the machine you are connecting from, thereby allowing SSH access to a machine where it would normally be impossible.

A practical example:

chris@ktulu:~$ ssh sandman.cs278.org -R 2222:localhost:22

This connects to the server sandman.cs278.org and opens port 2222 on it, which forwards traffic to localhost:22 (localhost here is the machine I am connecting from). Once logged into the server I can do this:

chris@sandman:~$ ssh localhost -p 2222

This opens a connection through the tunnel back to the machine I originally connected from.
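For whoever administers a server like sandman, a reverse forward shows up as an extra listening socket owned by an sshd process. The following is an added example, not part of the original post: it filters `ss -Hltnp` output for such listeners. The function names and sample lines are constructed for illustration, and it assumes sshd itself listens on port 22.

```shell
#!/bin/sh
# Added example: list TCP listeners that sshd holds on ports other than
# its own daemon port. With "ssh -R 2222:localhost:22" the server-side
# sshd session process listens on 2222 (loopback only by default).

# Reads `ss -Hltnp` style lines on stdin.
# $1 = port the SSH daemon itself listens on (assumed 22 if omitted).
find_ssh_forwards() {
    daemon_port="${1:-22}"
    awk -v dport="$daemon_port" '
        # Only listening sockets whose owning process name starts with sshd
        $1 == "LISTEN" && index($0, "(\"sshd") {
            n = split($4, parts, ":")      # port is after the last colon
            port = parts[n]
            if (port == dport) next        # the daemon itself, not a forward
            pid = "?"
            if (match($0, /pid=[0-9]+/))
                pid = substr($0, RSTART + 4, RLENGTH - 4)
            print $4 " pid=" pid
        }'
}

# Constructed sample of `ss -Hltnp` output on the server while the
# reverse forward from the post is active (PIDs are made up).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22     0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 127.0.0.1:2222 0.0.0.0:* users:(("sshd",pid=4312,fd=9))
LISTEN 0 128 [::1]:2222     [::]:*    users:(("sshd",pid=4312,fd=8))
LISTEN 0 511 0.0.0.0:80     0.0.0.0:* users:(("nginx",pid=900,fd=6))
EOF
}

# Demo on the constructed sample; on a live host run as root:
#   ss -Hltnp | find_ssh_forwards 22
sample_ss_output | find_ssh_forwards 22
```

Where reverse forwards are not wanted, sshd_config can restrict them with `AllowTcpForwarding` (for example `local` or `no`) or limit which ports may be bound with `PermitListen`.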

About Chris

Twenty-something year old computer science graduate living in the West Midlands, working as a PHP software developer for a local company.