docker

关注公众号 jb51net

关闭
首页 > 网站技巧 > 服务器 > 云和虚拟化 > docker > Dockerfile添加SSH服务

Dockerfile为镜像添加SSH服务的实现步骤

作者:Fish_1112

利用 SSH 协议可以有效防止远程管理过程中的信息泄露问题,本文主要介绍了Dockerfile为镜像添加SSH服务的实现步骤,具有一定的参考价值,感兴趣的可以了解一下

1.创建目录

[root@openEuler-node1 db]# mkdir sshd_ubuntu

2.创建 Dockerfile、 run.sh 、authorized_keys、vim aliyun.list 文件

[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# touch Dockerfile run.sh authorized_keys vim aliyun.list

3.在宿主主机上生成 SSH 密钥对,写入authorized_keys

[root@openEuler-node1 ~]# ssh-keygen -t rsa
[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# cat ~/.ssh/id_rsa.pub > authorized_keys 

4.编写更改Ubuntu的源为国内aliyun源

[root@openEuler-node1 sshd_ubuntu]# vim aliyun.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse

5.编写run.sh

#!/bin/bash
/usr/sbin/sshd -D

5.编写 Dockerfile

[root@openEuler-node1 sshd_ubuntu]# vim Dockerfile 

FROM ubuntu:18.04
MAINTAINER yuj<yj@qq.com>

COPY aliyun.list /etc/apt/sources.list.d/aliyun.list
RUN apt update && \
    apt install -y openssh-server && \
    mkdir /var/run/sshd && \
    sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd && \
    mkdir /root/.ssh
COPY authorized_keys /root/.ssh/
COPY run.sh /run.sh
RUN chmod 755 /run.sh

EXPOSE 22
CMD ["/run.sh"]

6.制作镜像并启动容器

[root@openEuler-node1 sshd_ubuntu]# docker build -t sshd:ubuntu_v1 ./
[root@openEuler-node1 sshd_ubuntu]# docker run -d -P sshd:ubuntu_v1

7.查看容器运行状态

[root@openEuler-node1 sshd_ubuntu]# docker ps 
CONTAINER ID   IMAGE            COMMAND                   CREATED             STATUS             PORTS                                     NAMES
3df76cc3dedd   sshd:ubuntu_v1   "/run.sh"                 6 seconds ago       Up 5 seconds       0.0.0.0:32776->22/tcp, :::32776->22/tcp   vigorous_williamson

8.用ssh连接登陆这个容器

[root@openEuler-node1 sshd_ubuntu]# ssh 192.168.136.55 -p 32776
The authenticity of host '[192.168.136.55]:32776 ([192.168.136.55]:32776)' can't be established.
ED25519 key fingerprint is SHA256:PCuiPOPbts35IzrOQ3PvZsU0+W+i7O1zheVc1XmDgHU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.136.55]:32776' (ED25519) to the list of known hosts.
Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 5.10.0-182.0.0.95.oe2203sp3.x86_64 x86_64)
root@3df76cc3dedd:~# 

到此这篇关于Dockerfile为镜像添加SSH服务的实现步骤的文章就介绍到这了,更多相关Dockerfile添加SSH服务内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家! 

您可能感兴趣的文章:
阅读全文