I build docker image with ssh enabled by such dockerfile: docker build -t debian-ssh:v00 .
From debian
WORKDIR /
RUN apt update && apt install -y openssh-server sudo
RUN sed -i "s/UsePAM yes/UsePAM no/g" /etc/ssh/sshd_config
RUN echo "root:123456" | chpasswd
RUN echo "root ALL=(ALL) ALL" >> /etc/sudoers
# RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
# RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
# RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN mkdir /run/sshd
# RUN mkdir /var/run/sshd
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
After building, I start container by docker run -d --name ssh00 debian-ssh00
. Then docker exec -it ssh00 bash
-> ssh localhost
, it give me message:
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:sF5hbx2GTw/Fq3QhQyRJ2+YNwBFPy/Iu5c8PtgpU/ok.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
root@localhost: Permission denied (publickey,password).
I type password 123456
above. Why this happended?
I use docker for windows with latest version, i.e. docker engine v20.10.2 but still using backend hyper-V
Update:
There was an official tutorial about Dockerize an SSH service in the year 2020. But now it is discouraged.
2
Answers
First, once in your Docker bash session, try and change the root password (again) with the
passwd
command: it will ask you for your old password (the one you put in Dockerfile).That way, you can double check the default container account (here
root
) does indeed have the password ‘123456’.Second, try the same ssh command in verbose mode, to see if any clues are apparent:
If the password for root is correct, then check you
/etc/ssh/sshd_config
: if it hasPermitRootLogin no
, it would disallow any root session.If this works, you would need to modify your Dockerfile in order to amend the
/etc/ssh/sshd_config
.The OP Spaceship222 confirms in the discussion:
This is purely configuration of sshd daemon issue. By default for security reasons access to root account with password authentication is disabled so you have two options:
For your particular case if you really want to solve your problem with
You can add one line to your Dockerfile which generates a public/private keypair and adds it to your authorized_keys for root user OR you can run this command after you first login using docker exec command.
Your altered Dockerfile (public/private key version)
OR simply run this command in container after you execute into bash
UPDATE:
You are using sed but sed isn’t available so as for starter you need to add sed with apt and if you want to build this container with PermitRootLogin yes you need to use sed to change the /etc/ssh/sshd_config file.
Your altered Dockerfile (root password login allowed)
I hope this solves your problem fully.