@relistan
Created March 22, 2012 16:36
proxy ssh through a jump host without breaking all other ssh connections
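Host *
    # Agent forwarding is enabled for every host this block matches.
    ForwardAgent yes
    # %h and %p are the target host and port; the last argument is the jump host.
    ProxyCommand ~/bin/ssh-proxy.sh %h %p username@jump-host
    # Send a keepalive every 10 seconds so idle connections are not dropped.
    ServerAliveInterval 10
    ServerAliveCountMax 600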
#!/bin/bash
# ------------------------------------------------------------------------------
# Use SOCKS proxy to proxy SSH through a jump host. This works in
# almost all circumstances and has the advantage of using only one
# SSH tunnel to the jump host for all concurrent ssh tunnels. It
# does not end the open connection to the jump host when the connection
# is closed.
# ------------------------------------------------------------------------------
# Author: Karl Matthias
# Date: Tue 31 Jan 2012

hostname=$1
port=$2
proxy_host=$3

die() {
    echo "$1" >&2
    exit 1
}

usage() {
    die "$(basename "$0"): [hostname] [port] [proxy_host]"
}

# All three arguments are required.
test -z "$hostname" && usage
test -z "$port" && usage
test -z "$proxy_host" && usage

# Probe the target directly (2 second timeout).
if nc -z -w 2 "$hostname" "$port" > /dev/null 2>&1; then
    # Reachable without the jump host: connect straight through.
    nc -w 300000 "$hostname" "$port"
else
    # Start the SOCKS tunnel only if nothing is listening on localhost:9090 yet.
    # This check only tests that the port is open, not which process owns it.
    if ! nc -z -w 2 localhost 9090 > /dev/null 2>&1; then
        ssh -f -N -D9090 "$proxy_host"
    fi
    # Relay the connection through the SOCKS proxy on the jump host tunnel.
    nc -x localhost:9090 "$hostname" "$port"
fi
@relistan
Author

Tunneling Through a Jump Host

This will establish a SOCKS connection to your jump host. It will attempt to make a connection with netcat to the hostname you try to ssh to. If it's accessible directly, it will go directly. If it isn't, it will automatically be proxied over the tunnel to the jump host. You will have to authenticate the tunnel the first time and then it will stay up in the background afterward. The ServerAliveInterval should help keep the tunnel up even through awful gateways like the Virgin SuperHub or over other firewalls with short timeouts.

If you have a reliable internal DNS zone available behind the jump host you can modify this to work on just those hosts by changing the Host line in the ssh config.
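
A scoped version of the ssh config, showing the change to the Host line described above; this is an added example, not part of the original gist. `*.internal.example` is an assumed placeholder for the internal zone, while `username@jump-host` and the script path are the gist's own. Agent forwarding is switched off by default here because the SOCKS path authenticates end to end from the local client and does not need it.

```sshconfig
# Added example; *.internal.example is an assumed placeholder zone.
# ssh_config uses the first value it finds for each option, so the
# specific Host blocks come before the Host * defaults.

# Only hosts in the internal zone go through the proxy script.
Host *.internal.example
    ProxyCommand ~/bin/ssh-proxy.sh %h %p username@jump-host

# Keepalives for the shared tunnel and the sessions carried over it.
Host jump-host *.internal.example
    ServerAliveInterval 10
    ServerAliveCountMax 600

# Defaults for everything else: no proxy, no agent forwarding.
# The gist's original "Host *" block sent every connection through the
# script and forwarded the agent to every server it matched:
#   Host *
#       ForwardAgent yes
#       ProxyCommand ~/bin/ssh-proxy.sh %h %p username@jump-host
Host *
    ForwardAgent no
```

With this layout the `ssh -f -N -D9090` connection to the jump host no longer passes through the ProxyCommand itself.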