NAT can be a bitch to get right
"I'm guessing I can't modify the source address as then the packets would never get back to the originating address."
You should NAT the source too, as the connection needs to go back through Box1. Otherwise RandomBox will get a reply to an SSH request from an unexpected IP and will drop it.
What I did in a similar situation was make a vpn between the two servers and save myself some natting
Nik