1.创建工作目录
$ mkdir sshd_ubuntu
在其中创建Dockerfile和run.sh
$ cd sshd_ubuntu/
$ ls
$ touch Dockerfile run.sh
2.编写run.sh脚本和authorized_keys
脚本内容如下:
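#!/bin/bash
# Container entrypoint: run the OpenSSH daemon in the foreground.
#   exec - replace this shell with sshd, so sshd itself receives the stop
#          signal sent by `docker stop`; without it the signal goes to the
#          wrapper shell and the container is killed only after the stop
#          timeout.
#   -D   - do not detach; the container stays up as long as sshd runs.
#   -e   - log to stderr instead of syslog, so login attempts and
#          authentication failures show up in `docker logs`.
exec /usr/sbin/sshd -D -e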
在宿主机上生成SSH密钥对,并创建authorized_keys文件:
$ ssh-keygen -t rsa
...
$ cat ~/.ssh/id_rsa.pub >authorized_keys
3.编写Dockerfile
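# Base image. Pinned to 18.04 ("bionic") so it matches the bionic apt sources
# written below; an untagged `ubuntu` follows `latest`, which may be another
# release and would then be mixed with bionic packages.
FROM ubuntu:18.04
# Author metadata (LABEL replaces the deprecated MAINTAINER instruction).
LABEL maintainer="ylmcr7"
# Point apt at the 163 mirror. printf repeats its format once per argument,
# producing the same five "deb" lines as the original listing.
# NOTE(review): bionic-proposed carries pre-release packages; it is kept here
# only because the original listing enables it. Consider dropping it.
RUN printf 'deb http://mirrors.163.com/ubuntu/ %s main restricted universe multiverse\n' \
        bionic bionic-security bionic-updates bionic-proposed bionic-backports \
        > /etc/apt/sources.list
# Install the SSH server. update and install share one layer so that a cached
# `apt-get update` layer is never combined with a later install, and the
# package lists are removed to keep the layer small.
# NOTE(review): the package install normally generates the SSH host keys, so
# they become part of the image and are shared by every container started
# from it. Treat the image as secret material, or regenerate the keys per
# container.
RUN apt-get update \
    && apt-get install -y --no-install-recommends openssh-server \
    && rm -rf /var/lib/apt/lists/*
# Runtime directory used by sshd, and root's SSH directory (owner-only access).
RUN mkdir -p /var/run/sshd /root/.ssh && chmod 700 /root/.ssh
# Comment out the pam_loginuid session rule for sshd. \s+ tolerates any run of
# whitespace between the fields, and the ^ anchor leaves an already-commented
# line alone.
RUN sed -ri 's/^(session\s+required\s+pam_loginuid\.so)/#\1/' /etc/pam.d/sshd
# Copy the public-key list and the entrypoint script. COPY is used because
# these are plain local files (ADD additionally unpacks archives and fetches
# URLs). Anyone holding a matching private key can log in as root to any
# container started from this image, so keep the image out of public
# registries.
COPY authorized_keys /root/.ssh/authorized_keys
COPY run.sh /run.sh
RUN chmod 600 /root/.ssh/authorized_keys && chmod 755 /run.sh
# Document the SSH port; it is actually published with `docker run -p`.
EXPOSE 22
# Start sshd through the entrypoint script.
CMD ["/run.sh"]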
4.创建镜像
$ cd sshd_ubuntu
$ docker build -t sshd:dockerfile .
5.测试镜像,运行容器
$ docker run -d -p 10122:22 sshd:dockerfile
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ec2194980670 sshd:dockerfile "/run.sh" 11 minutes ago Up 11 minutes 0.0.0.0:10122->22/tcp stoic_visvesvaraya
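在宿主机新打开一个终端,连接到新建的容器(首次连接时会提示主机密钥指纹,输入yes之前可用 docker exec ec2194980670 ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub 核对该指纹):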
[root@docker sshd_ubuntu]# ssh 10.0.0.45 -p 10122
The authenticity of host '[10.0.0.45]:10122 ([10.0.0.45]:10122)' can't be established.
ECDSA key fingerprint is SHA256:JKsxqfTkt/VtHLel0llTaMXtaW7X1TElPsFpH6n7Q0s.
ECDSA key fingerprint is MD5:66:6a:d4:d0:62:ea:af:03:85:da:21:18:e9:c1:37:d9.
Are you sure you want to continue connecting (yes/no)? yes
root@ec2194980670:~#