Just so I don't forget this: How to SSH-tunnel VNC. It took me forever to figure out. (This will work with any service, not just VNC.)
Home: 2 computers, both behind a firewall. Linux = 192.168.15.15, OS X = 192.168.15.16. The Linux computer is running sshd (but you can only SSH to the Linux box via the LAN, i.e. it's behind the firewall). The OS X computer is running sshd too; port 22 is the only port open on the firewall, and it's forwarded to the OS X machine only. Remote: 1 computer, Windows. Can't run any services, but can run TightVNC viewer. Goal: Run VNC on the home Linux computer and use TightVNC at the remote site to view it.
Here's how I did it. First SSH to my home IP using PuTTY on the remote computer, which takes me to the OS X machine. SSH from there to the Linux box. Run VNC on the Linux computer:
x11vnc -display :0
This shares an already-running X session. To run an independent session I could've run
Leave that running. Now, I SSH again in a separate session to my home IP. In the Tunnels section, put Source port 5900 (or 5901, whatever port VNC is using on the Linux machine). For Destination put 192.168.15.15:5900 (or 5901). Open the connection and login.
Now on the remote machine, run TightVNC and connect to 127.0.0.1::5900 (or 5901). That's it! Now I see my Linux desktop on the remote machine. The whole "local" vs. "remote" distinction for SSH tunnels is a bit confusing, especially when you're bouncing around to a bunch of different computers.