When tunneling traffic through multiple SSH servers chained together, is the data decrypted and reencrypted at each point in the chain or are you effectively just creating one tunnel that terminates at the last server in the chain? In other words, can any of the servers other than the last one in the chain "see" your data?