I am trying to configure remote ports on the linuxserver/openssh-server docker image to use as a jump container to a destination host behind a NAT. I have tried running this command ssh -R 19999:localhost:2222 -p 2222 <container_user>@<container_host> on the destination host and I get the following error: Warning: remote port forwarding failed for listen port 19999. I have checked to see if port 19999 is already in use but it is not.
I had the same issue, which led me to your question via a Google search. After some additional searching, I found that linuxserver.io have created a modding process to enable tunneling, as outlined here: https://github.com/linuxserver/docker-mods/tree/openssh-server-ssh-tunnel
This mod adds ssh tunnelling to openssh-server, by enabling tcp forwarding during container start.
In openssh-server docker arguments, set an environment variable DOCKER_MODS=linuxserver/mods:openssh-server-ssh-tunnel
I can verify this works as intended on my machine:
$ ssh -p 2222 -R 0.0.0.0:7777:localhost:5000 agent@localhost
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
ECDSA key fingerprint is SHA256:sKueSIX9m+qCrCNk0cCYjVC4uKcYltcO+msZKqgj5nQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
Welcome to OpenSSH Server