Docker simplest alpine sshd

Long time no see, (but who cares?) As I struggled to install and run sshd on alpine linux, I want to share it with you. (I assume you are the one googled docker/alpine/sshd, aren't you?)

Before docker build

need public key to connect server. 
# create id_ed25519 and id_ed25199.pub to current dir.
> sshd-keygen -t ed25519

Dockerfile

FROM alpine

RUN apk add --update --no-cache openssh && \
  rm -rf /tmp/* /var/cache/apk/* && \
  adduser -D user && \
  passwd -u user && \
  # SSHD CONFIG
  { \
    echo "PermitRootLogin prohibit-password"; \
    echo "PasswordAuthentication no"; \
  } >> /etc/ssh/sshd_config && \
  # GENERATE KEYS
  { \
    echo "$PASS=PASS$RANDOM"; \
    echo "PASSWORD for user is $PASS"; \
    echo "echo -e $PASS'\n'$PASS | passwd user"; \
    echo "ssh-keygen -A"; \
    echo 'exec "$@"'; \
  } > /usr/sbin/key_gen.sh
COPY id_ed25519.pub /home/user/.ssh/authorized_keys
RUN chown -R user.user /home/user && \
  chmod 700 /home/user/.ssh && \
  chmod 600 /home/user/.ssh/authorized_keys

ENTRYPOINT ["ash", "/usr/sbin/key_gen.sh"]
CMD ["/usr/sbin/sshd", "-D"]
to build it, 
docker build -t mine/my_sshd_alpine:0.01 .

Running

> docker run -d -p 2222:22 mine/my_sshd_alpine --name my_sshd
or alternatively 
> docker run --it --rm -p 2222:22 mine/my_sshd_alpine --name my_sshd ash
> /usr/sbin/sshd -D -E /var/log/auth.log
to check how it works. On the client, you can connect server by 
> ssh -i id_ed25519 -p 2222 user@locahost

Points are...

  1. use sshd -D option to work as foreground.
  2. user name and password are needed for "PasswordAuthentication no".
  3. without chmod .ssh and .ssh/authorized_keys, authentication fails.
  4. ssh on Mac does not seem to work with id_dsa.

Comments

Post a Comment

Popular posts from this blog

Calling OpenCV functions via Cython from Python 3.X.

I have managed to run OpenCV function from Python3 via Cython today, so I want to write about it. Before you start something like this, you should know you have to read at least header files of C library to write right definition in Cython,because Cython does not do that for you. I am using virtualenv, python from pythonz, and home-brewed OpenCV. Almost everything of C++ works just fine with Cython, but still, you should do some Voodoo things like for integer template argument. ctypedef void* int_parameter ctypedef int_parameter two "2" ctypedef Point_[float, two] Point2f Now, main sample Cython code is following. #===== testopencv.pyx ======== import numpy as np cimport numpy as np # for np.ndarray from libcpp.string cimport string from libc.string cimport memcpy cdef extern from "opencv2/core/core.hpp": cdef int CV_WINDOW_AUTOSIZE cdef int CV_8UC3 cdef extern from "opencv2/core/core.hpp" namespace "cv": cdef cppclass Mat: Ma...
Read more

Showing CPU/Memory usage on tmux status bar(tmuxのステータスバーにCPUとMemoryの使用状況を表示する)

Image
On OSX, to show CPU usage, script is like this. #!/bin/bash top -l 1 | head -n 4 | tail -n 1|awk '{printf "%3d%%\n", $3}' to get Memory Usage, script is like this. #!/bin/bash vm_stat | awk 'BEGIN{FS="[:]+"}{if(NR<7&&NR>1)sum+=$2; if(NR==2||NR==4||NR==5)free+=$2} END{printf "%3d%%\n",100*((sum - free)/sum)}' Name thsese scripts like getCpuUsage.sh/getMemUsage.sh and put them in folder where the $PATH is set. Change their mode to u+x. To show them on tmux status line, .tmux.conf is like set -g status-right '#[fg=blue,bold]#H#[default] #[fg=blue,bold][CPU=#(getCpuUsage.sh) MEM=#(getMemUsage.sh)]#[default]'
Read more

Subclassing and Signal connect on a same widget crashes PySide application on exit.

In pyside, I wanted to do something like these, class MyTextLine(QLineEdit): def focusInEvent(self, e): #do something QLineEdit.focusInEvent(self, e) .... widget = MyTextLine(QLineEdit) widget.editingFinished.connect(some_callback) However, this app tends to crash on exit. Core dump saids it is something about destructor of a signal manager. Details are rather vague, but I managed to avoid crash deleting signal-connect. class MyTextLine(QLineEdit): def focusInEvent(self, e): #do something QLineEdit.focusInEvent(self, e) def setCallback(self, cb): self.cb = cb def focusOutEvent(self, e): if hasattr(self, 'cb'): self.cb() .... widget = MyTextLine(QLineEdit) widget.setCallback(some_callback) If anyone knows why this happens, please teach me! One more thing, if you use QTreeWidget having widgets on it, it seems better to do clear() it before closing your application. Update 2015/01/25: It seems like widget.se...
Read more