I'm no expert here, but this how I've done it.

SSH VPN between Network1 (10.0.0.0/24) and Network2 (10.0.1.0/24)
As root (or other privileged user) from end point node on Network1 (
host.network1):

ssh -fw0:0 host.network2 "ifconfig tun0 10.0.2.1 netmask 255.255.255.252 \
; echo 1 > /proc/sys/net/ipv4/ip_forward \
; /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE \
; route add -net 10.0.0.0/24 gw 10.0.2.2 dev tun0"

ifconfig tun0 10.0.2.2 netmask 255.255.255.252

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

route add -net 10.0.1.0/24 gw 10.0.2.1 dev tun0

You can leave out the iptables bits if the tunnel end points
(host.network1 and host.network2 in the example) are the default route
for their respective networks, or if you want to put static routes on
all the systems on each network.