我正在尝试设置一个 Ubuntu 容器,openssh-server以便我可以从主机 ssh 进入它。我知道这不是标准做法,但我真的想要ssh。
这是我的Dockerfile
# Select base image
FROM ubuntu:16.04
# Set the current working directory
WORKDIR /home
# Update the system, download any packages essential for the project
RUN dpkg --add-architecture i386
RUN apt-get update && apt-get upgrade -y
RUN apt-get install -y git build-essential make gcc vim net-tools iputils-ping ca-certificates openssh-server libc6:i386 libstdc++6:i386
# Allow ssh root login
RUN echo "root:root" | chpasswd
# RUN rpl "PermitRootLogin prohibit-password" "PermitRootLogin yes" /etc/ssh/sshd_config
RUN sed -i 's/prohibit-password/yes/' /etc/ssh/sshd_config
RUN cat /etc/ssh/sshd_config
RUN mkdir /root/.ssh
RUN chown -R root:root /root/.ssh;chmod -R 700 /root/.ssh
RUN echo “StrictHostKeyChecking=no” >> /etc/ssh/ssh_config
RUN service ssh restart
# Open port 22 so linked containers can see it
EXPOSE 22
# Import any additional files into the environment (from the host)
ADD otherfile .
我启动容器,docker run -t -d -p 2222:22但每当我尝试通过 ssh 进入它时,我总是收到错误ssh_exchange_identification: Connection closed by remote host:
➜ ssh -v -p 2222 root@localhost /bin/bash
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/giorgio/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: /etc/ssh/ssh_config line 52: Applying options for *
debug1: Connecting to localhost port 2222.
debug1: Connection established.
debug1: identity file /Users/giorgio/.ssh/id_rsa type -1
debug1: identity file /Users/giorgio/.ssh/id_rsa-cert type -1
debug1: identity file /Users/giorgio/.ssh/id_dsa type -1
debug1: identity file /Users/giorgio/.ssh/id_dsa-cert type -1
debug1: identity file /Users/giorgio/.ssh/id_ecdsa type -1
debug1: identity file /Users/giorgio/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/giorgio/.ssh/id_ed25519 type -1
debug1: identity file /Users/giorgio/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/giorgio/.ssh/id_xmss type -1
debug1: identity file /Users/giorgio/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: Connection closed by remote host
有人知道是什么原因导致了这个错误以及如何修复它吗?
答案1
RUN service ssh restart
这会在镜像创建阶段运行 ssh 服务重启(实际上是启动),而不是在将来运行的容器中。你没有CMDnor ,因此它默认为基本镜像中配置的那个(们)ENTRYPOINTDockerfile这是 bash)
换句话说,启动容器时没有运行 ssh 守护程序。临时解决方案是在正在运行的容器上启动 exec 命令:docker exec your_container_name service ssh start
为了正确修复此问题,你需要指示镜像在创建容器时启动 sshd(请参阅将 ssh 服务容器化在docker docs上)。 简而言之:
- 删除
RUN service ssh restart行 - 添加以下两行
RUN mkdir /var/run/sshd
CMD ['/usr/sbin/sshd', '-D']
- 重建你的图像,启动一个新容器,ssh 并享受。