Can't figure out what is blocking

I run an AppleScript application which, in turn runs 2 shell commands. The first creates a tunnel to an open NAT port on my parents' router. The second uses the tunnel to do screen sharing (VNC) on my father's computer.

Here is the script:

do shell script "/usr/bin/ssh <redacted> -p<redacted> -f -L 5908:localhost:5900 -o ExitOnforwardFailure=yes sleep 45 && killall ssh-agent; open -W vnc://localhost:5908"

It works fine with Little Snitch turned off. With LS on, I first had to give the applescript and then SSH permission to make outgoing connections. The 2 rules look like this:

action: allow
direction: outgoing
process: /usr/bin/ssh
destination: any
port: any
protocol: any
help: On Aug 30, 2013, ssh tried to establish a connection to <redacted> on port <redacted>. The request was allowed via connection alert.

action: allow
direction: outgoing
process: /Applications/VNC to Fred.app/Contents/MacOS/applet
via: /usr/bin/ssh
destination: bethesdawikners.org
port: any
protocol: any
help: On Aug 30, 2013, VNC to Fred via ssh tried to establish a connection to <redacted> on port <redacted>. The request was allowed via connection alert.

This got me to the login window, which shows the connection was made. But the script then hangs when I type in my login credentials for my father's computer. I have to force-quit it. With LS turned off, the login goes fine, and I am able see my father's screen. How do I investigate what LS is doing to cause the hang, and so correct whatever rule is blocking it?