SSH服务器不接受连接

时间:2014-08-11 21:37:17

标签: ubuntu ssh docker openssh

我使用Docker在本地构建了一个Docker镜像,它运行SSH服务器+其他一些服务。 Dockerfile是内部的,所以我不能在这里发布。但我做的基本事情是:

RUN apt-get install -q -y openssh-server openssh-client

RUN cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults

RUN chmod a-w /etc/ssh/sshd_config.factory-defaults

RUN mkdir /var/run/sshd

RUN echo 'root:changeme' |chpasswd

ADD ./bootstrap.sh /root/bootstrap.sh

ENTRYPOINT ["sh", "/root/bootstrap.sh"]

在bootstrap.sh中:

...
echo "Starting SSH service..."
/usr/sbin/sshd -D > /dev/null 2>&1 &
ps -A | grep sshd
...

......到目前为止它的工作原理。 我可以从主机连接到SSH服务器(在Ubuntu容器内运行)。

到目前为止,这么好。现在我已将图像上传到Dockerhub并在tutum.co上运行它。

现在问题:SSH服务器启动了,但我无法连接到它。甚至在容器内部。顺便说一句,我有一个浏览器shell,所以我仍然可以执行命令。

我在容器内部执行:

ssh root@localhost -v                        
OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012                      
debug1: Reading configuration data /etc/ssh/ssh_config                          
debug1: /etc/ssh/ssh_config line 19: Applying options for *                     
debug1: Connecting to localhost [::1] port 22.                                  
debug1: Connection established.                                                 
debug1: permanently_set_uid: 0/0                                                
debug1: identity file /root/.ssh/id_rsa type -1                                 
debug1: identity file /root/.ssh/id_rsa-cert type -1                            
debug1: identity file /root/.ssh/id_dsa type -1                                 
debug1: identity file /root/.ssh/id_dsa-cert type -1                            
debug1: identity file /root/.ssh/id_ecdsa type -1                               
debug1: identity file /root/.ssh/id_ecdsa-cert type -1                          
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debia
n-5ubuntu1.4                                                                    
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.4 pat OpenSSH*                     
debug1: Enabling compatibility mode for protocol 2.0                            
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4            
debug1: SSH2_MSG_KEXINIT sent                                                   
Read from socket failed: Connection reset by peer 

2 个答案:

答案 0 :(得分:3)

您尝试以root身份进行连接,该/etc/ssh/sshd_config被禁止作为容器中user的标准选项。您需要在Dockerfile中设置root-login或允许Dockerfile或在root中复制公钥。我不鼓励您允许Dockerfile - 登录并通过Dockerfile复制您的公钥。我的解决方案是以下列方式编辑您的# Set root passwd RUN echo 'root:changeme' |chpasswd # Add user so that container does not run as root RUN useradd -m michaelkunzmann RUN echo "michaelkunzmann:test" | chpasswd RUN usermod -s /bin/bash michaelkunzmann RUN usermod -aG sudo michaelkunzmann ENV HOME /home/michaelkunzmann ENV HOSTNAME michaelkunzmannsbox

ssh michaelkunzmann@localhost -v

然后构建图像并通过port登录。 (如果这不起作用,请确保您使用了正确的docker run -d -p 127.0.0.1:5000:22 -P --name="name-your-container!" your-image。您可以使用ssh michaelkunzmann@localhost -p 5000指定它。然后您可以通过 {{1}}。)

顺便说一句,如果你在容器中运行多个进程,你应该熟悉Supervisor

答案 1 :(得分:0)

我的docker文件供我这样的其他人参考:

FROM centos:6

RUN yum install -y openssh-server
RUN mkdir /var/run/sshd

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
RUN sed -ri 's/#UsePAM no/UsePAM no/g' /etc/ssh/sshd_config

RUN echo 'root:root' | chpasswd

CMD ["/usr/sbin/sshd", "-D"]