Run Command Before Starting SSH Connection
This a quick hack I found while I was looking to run a knock script before connecting to servers which I have the SSH service protected with a knock sequence. In my setup I used the ProxyCommand option in the ssh_config file to loop over my loop-back interface.
ProxyCommand bash -c 'knock-script %h; sleep 1; ssh 127.0.0.1 -W %h:%p'
# in the above
# %h is a place holder for the hostname i.e server1.com
# and i added 1 sec delay before running the ssh tunnel
# to give the script on the server side time to validate my knock.