http://www.slideshare.net/tohakushi/ssh-13118950
エンター直後の〜(日本語KBだとSHIFT+^)とキーの組み合わせ(英大小文字を識別)

$ ~?
Supported escape sequences:
  ~.  - terminate connection (and any multiplexed sessions)
  ~B  - send a BREAK to the remote system
  ~C  - open a command line
  ~R  - Request rekey (SSH protocol 2 only)
  ~^Z - suspend ssh
  ~#  - list forwarded connections
  ~&  - background ssh (when waiting for connections to terminate)
  ~?  - this message
  ~~  - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

$
$ ~C
ssh> help
         Commands:
      -L[bind_address:]port:host:hostport    Request local forward
      -R[bind_address:]port:host:hostport    Request remote forward
      -D[bind_address:]port                  Request dynamic forward
      -KR[bind_address:]port                 Cancel remote forward
$
ssh> -D 8092
            Forwarding port.
ssh> -L 8096:127.0.0.1:80
                         Forwarding port.
$ ~#
The following connections are open:
  #12 client-session (中略)
  #13 direct-tcpip: listening port 3388 for 192.168.0.2 port 3389, connect from 127.0.0.1 port 54763 (同)

便利だが、後から開設したポートフォワードが表示されてないように見える。
多段ssh

$ ssh -D 1080 <ssh-gateway> 
$ ssh -oProxyCommand=‘nc -x localhost:1080’ <target-host>

$ ssh -oProxyCommand=‘ssh <ssh-gateway> nc %h %p’ <target- host>

$ ssh-agent.exe ssh -oProxyCommand='ssh username1@sshgateway.example.com nc %h %p' username2@192.168.2.x

めも
インターネットに繋がってない環境のホストを アップデートする
未検証