by Something1234 2636 days ago
Wait, how? SSH runs on port 22, so how would you get it to switch over from port 443?
2 comments

You can configure sshd to use any port you want.
And there are good arguments why you _should_.

My ssh is never on port 22, and although I don't know that this would help much against a targeted attack, logfiles are so much quieter.

Mine as well. I don't see one good argument why one shouldn't.
And even share a port with HTTPS: https://news.ycombinator.com/item?id=8923092
Take a look at http://dag.wiee.rs/howto/ssh-http-tunneling/ for one example.

Essentially, you tell ssh to use another program to proxy the connection. That program (such as proxytunnel) connects to an http / https server on port 443, and issues a "CONNECT" method (such as "CONNECT anotherhost 22"). Then accept the status message, and pass the connection back over to ssh.

You need to configure the target HTTPS server to allow that connect method to the target host / port, and it is advisable to protect it behind at least https basic authentication.

And the best part of this is that, since it starts off as an SSL (https) connection, they can't even tell that you are doing a proxy (the "CONNECT" message is encrypted). It looks like a regular https connection at that point. The only thing they can do is either use a MITM proxy and require you to load their certificate (common in corporate and government environments), or do pattern analysis on the traffic.
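
The server-side gate that comment recommends (allow CONNECT only to the intended host/port, and only with Basic credentials), as an added example that is not part of the thread or of any project mentioned in it. It uses the on-the-wire form `CONNECT host:port HTTP/1.1`; the allowlist entry, the user table and the choice of the `Proxy-Authorization` header are constructed assumptions.

```python
import base64
import hmac

# Constructed policy values for illustration (assumptions, not from the thread).
ALLOWED_TARGETS = {("anotherhost", 22)}
USERS = {"tunnel": "example-password"}

def parse_connect(raw: bytes):
    """Return (host, port, headers) for a CONNECT request, or None if malformed."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/1."):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not (port.isascii() and port.isdigit()):
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return host.lower(), int(port), headers

def check_basic(header_value: str) -> bool:
    """Validate an 'Basic <base64(user:password)>' credential against USERS."""
    scheme, _, blob = header_value.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(blob, validate=True).decode()
    except ValueError:  # bad base64 or bad UTF-8
        return False
    user, sep, password = decoded.partition(":")
    expected = USERS.get(user)
    if not sep or expected is None:
        return False
    # Constant-time comparison so the check does not leak how much matched.
    return hmac.compare_digest(password.encode(), expected.encode())

def decide(raw: bytes) -> str:
    """Status line the proxy sends back before it relays a single byte."""
    req = parse_connect(raw)
    if req is None:
        return "HTTP/1.1 400 Bad Request"
    host, port, headers = req
    # Authenticate first, so unauthenticated clients cannot probe the allowlist.
    if not check_basic(headers.get("proxy-authorization", "")):
        return "HTTP/1.1 407 Proxy Authentication Required"
    if (host, port) not in ALLOWED_TARGETS:
        return "HTTP/1.1 403 Forbidden"
    return "HTTP/1.1 200 Connection established"
```

Only the final `200` case should lead to bytes being relayed to the SSH daemon; every other outcome closes the connection after the status line.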