Use this when only HTTP (port 80) or HTTPS (port 443) is allowed out of the network. It is also useful for obfuscating traffic from your machine.
You'll need to have server1 listening for ssh connections on port 80 or 443; we'll assume 443 here. From there you can create a SOCKS proxy using ssh. The '-g' parameter allows remote machines to share this proxy.
ssh -D 8080 -p 443 seven@server1.com
or using PuTTY
putty.exe -D 8080 -P 443 -ssh user@server1.com
The SOCKS proxy will be localhost:8080 and can be configured in Firefox/IE's internet settings or in any application that supports it.
Create a (reverse) tunnel so server2 can be reached later even if it is NAT'd or behind a firewall.
This runs on server2 (the server behind the firewall) and connects to server1 (the same external server we used above). You can append a ping statement to the end of the ssh command to keep the connection alive over longer periods.
ssh -p 443 -R 12345:localhost:22 user@server1.com
Now, from server1 outside the firewall we can connect back into server2 by typing:
ssh localhost -p 12345
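From an administrator's side, both forwards above show up as listening sockets: the -D proxy is owned by the ssh client, and the -R port on server1 by an sshd process. The script below is an added example, not part of the original page; it classifies such listeners from `ss -H -tlnp` output, using a constructed sample and the hypothetical function names sample_ss_output and find_ssh_forwards.

```shell
#!/bin/sh
# Added example: flag listening sockets that belong to SSH port forwards.

# Constructed sample of `ss -H -tlnp` output (not captured from a real host).
sample_ss_output() {
cat <<'EOF'
LISTEN 0 128 0.0.0.0:443 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 127.0.0.1:12345 0.0.0.0:* users:(("sshd",pid=4410,fd=9))
LISTEN 0 128 [::1]:12345 [::]:* users:(("sshd",pid=4410,fd=8))
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:* users:(("ssh",pid=5120,fd=4))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=640,fd=6))
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
EOF
}

# find_ssh_forwards "<ports sshd itself listens on>"  (reads ss output on stdin)
# Prints: <kind> <exposure> <address:port> pid=<pid>
find_ssh_forwards() {
    awk -v daemon_ports="$1" '
    BEGIN {
        n = split(daemon_ports, p, " ")
        for (i = 1; i <= n; i++) daemon[p[i]] = 1
    }
    # Lines without a users:(...) column (ss run without privileges) are skipped.
    $1 == "LISTEN" && $NF ~ /^users:/ {
        addr = $4
        port = addr; sub(/.*:/, "", port)
        host = addr; sub(/:[0-9]+$/, "", host)
        split($NF, q, "\"");   name = q[2]      # process name
        split($NF, r, "pid="); pid = r[2]; sub(/,.*/, "", pid)

        if (name == "ssh")
            kind = "local-forward"              # client side: -D or -L
        else if (name ~ /^sshd/ && !(port in daemon))
            kind = "remote-forward"             # server side: -R
        else
            next

        # Loopback listeners serve only this host; anything else is
        # reachable from other machines (-g, or GatewayPorts for -R).
        exposure = (host == "127.0.0.1" || host == "[::1]") ? "loopback" : "shared"
        printf "%s %s %s pid=%s\n", kind, exposure, addr, pid
    }'
}

sample_ss_output | find_ssh_forwards "443"
```

On a live host, run `ss -H -tlnp | find_ssh_forwards "443"` as root so the process column is populated for every socket.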
Generate keys on the client machine:
ssh-keygen -t rsa
Copy the public key (id_rsa.pub) to the server:
cat ~/.ssh/id_rsa.pub | ssh user@server 'cat >> .ssh/authorized_keys'
Confirm permissions are correct on the created file:
ssh user@server "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"
Some services want a server's SSH fingerprint. You can generate it in the format they usually want with this command:
cut -d ' ' -f 2 < /etc/ssh/ssh_host_rsa_key.pub | base64 -d | openssl dgst -c -sha1