• Ubuntu下面的docker开启ssh服务


    选择主流的openssh-server作为服务端:

    复制代码
    root@161f67ccad50:/# apt-get install openssh-server -y
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    openssh-server is already the newest version.
    0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
    root@161f67ccad50:/# 
    复制代码

      如果需要正常启动SSH服务,则目录/var/run/sshd必须存在。手动创建并启动SSH服务:

    root@161f67ccad50:/# mkdir -p /var/run/sshd
    root@161f67ccad50:/# /usr/sbin/sshd -D &
    [1] 3020
    root@161f67ccad50:/#

      此时查看容器的22端口:

    root@161f67ccad50:/# netstat -lnutp|grep 22
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3020/sshd       
    tcp6       0      0 :::22                   :::*                    LISTEN      3020/sshd       
    root@161f67ccad50:/# 

    在root用户家目录创建.ssh目录,并复制需要登录的公钥信息到.ssh目录下的authorized_keys中:
    root@161f67ccad50:/# mkdir /root/.ssh
    root@161f67ccad50:/# cd /root/.ssh
    root@161f67ccad50:~/.ssh# ls
    root@161f67ccad50:~/.ssh# vi /root/.ssh/authorized_keys
    
    

      创建自启动的SSH服务可执行文件run.sh,并添加可执行权限:

    
    
    root@161f67ccad50:/# cat run.sh
    #!/bin/bash
    /usr/sbin/sshd -D &
    root@161f67ccad50:/# chmod +x run.sh
    root@161f67ccad50:/#
    
    

      退出容器:

    
    
    root@161f67ccad50:/# exit
    exit
    [root@docker ~]# 
    
    

    3.保存镜像

    
    

      将退出的容器用docker commit命令保存为一个新的sshd:ubuntu镜像:

    
    
    [root@docker ~]# docker commit 161f67ccad50 sshd:ubuntu
    sha256:f328073a034ae63f93114a92b62141f22a578131ecb663702ac17916bde456a2
    [root@docker ~]# 
    
    

      使用docker images查看本地生成的新镜像sshd:ubuntu:

    
    
    复制代码
    [root@docker ~]# docker images
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    sshd                ubuntu              f328073a034a        2 minutes ago       284MB
    centos              7                   3fa822599e10        3 hours ago         204MB
    mariadb             latest              d29cee62e770        26 hours ago        398MB
    nginx               latest              9e7424e5dbae        7 days ago          108MB
    ubuntu              16.04               20c44cd7596f        12 days ago         123MB
    ubuntu              latest              20c44cd7596f        12 days ago         123MB
    ubuntu              14.04               d6ed29ffda6b        12 days ago         221MB
    busybox             latest              6ad733544a63        3 weeks ago         1.13MB
    centos              latest              d123f4e55e12        3 weeks ago         197MB
    alpine              latest              053cde6e8953        3 weeks ago         3.96MB
    [root@docker ~]# 
    复制代码
    
    

    4.使用镜像

    
    

      启动容器,并添加端口映射到容器的22端口:

    
    
    复制代码
    [root@docker ~]# docker run -it --name sshd_ubuntu -p 10022:22  sshd:ubuntu
    root@0f8481ffd0d0:/# netstat -lnutp|grep 22
    root@0f8481ffd0d0:/# /usr/sbin/sshd -D &
    [1] 16
    root@0f8481ffd0d0:/# netstat -lnutp|grep 22
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      16/sshd
    tcp6       0      0 :::22                   :::*                    LISTEN      16/sshd
    root@0f8481ffd0d0:/#
    复制代码
    
    

      在宿主机通过ssh连接10022端口:

    
    
    复制代码
    [root@docker ~]# ssh 10.0.0.31 -p 10022
    The authenticity of host '[10.0.0.31]:10022 ([10.0.0.31]:10022)' can't be established.
    ECDSA key fingerprint is 74:a1:80:00:85:17:d5:ec:57:7a:cb:cb:1e:7d:4a:1f.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '[10.0.0.31]:10022' (ECDSA) to the list of known hosts.
    Welcome to Ubuntu 14.04 LTS (GNU/Linux 4.4.0-98-generic x86_64)
    
     * Documentation:  https://help.ubuntu.com/
    
    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.
    
    root@0f8481ffd0d0:~# 
    复制代码
    
    

    2、使用Dockerfile创建

    
    

    1.创建工作目录

    
    
    [root@docker ~]# mkdir -p sshd_ubuntu
    [root@docker ~]# ls
    anaconda-ks.cfg  daemon.json  docker-pid  sshd_ubuntu
    [root@docker ~]#
    
    

      在其中创建Dockerfile和run.sh文件:

    
    
    [root@docker ~]# cd sshd_ubuntu/ && touch Dockerfile run.sh
    [root@docker sshd_ubuntu]# ls
    Dockerfile  run.sh
    [root@docker sshd_ubuntu]#
    
    

    2.编写run.sh脚本和authorized_keys文件

    
    
    [root@docker sshd_ubuntu]# vim run.sh 
    [root@docker sshd_ubuntu]# cat run.sh 
    #!/bin/bash
    /usr/sbin/sshd -D &
    [root@docker sshd_ubuntu]# cat /root/.ssh/id_rsa.pub > ./authorized_keys
    [root@docker sshd_ubuntu]#
    
    

    3.编写Dockerfile

    
    
    复制代码
    [root@docker sshd_ubuntu]# cat Dockerfile 
    # 基础镜像信息
    FROM ubuntu:14.04
    
    # 维护者信息
    MAINTAINER staryjie staryjie@163.com
    
    # 更新apt缓存、安装ssh服务
    RUN apt-get update && apt-get install -y openssh-server
    RUN mkdir -p /var/run/sshd /root/.ssh
    RUN sed -ri 's#session    required     pam_loginuid.so#session    required     pam_loginuid.so#g' /etc/pam.d/sshd
    
    # 配置免密要和自启动脚本
    ADD authorized_keys /root/.ssh/authorized_keys
    ADD run.sh /run.sh
    RUN chmod 755 /run.sh
    
    # 暴露22端口
    EXPOSE 22
    
    # 设置脚本自启动
    CMD ["/run.sh"]
    [root@docker sshd_ubuntu]# 
    复制代码
    
    

    4.创建镜像

    
    
    复制代码
    [root@docker ~]# cd ~/sshd_ubuntu/ && docker build -t sshd:ubuntu2 .
    Removing intermediate container e86118d7da77
    Successfully built 12abdcc3350f
    Successfully tagged sshd:ubuntu2
    [root@docker sshd_ubuntu]# docker images
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    sshd                ubuntu2             12abdcc3350f        7 seconds ago       284MB
    sshd                ubuntu              f328073a034a        About an hour ago   284MB
    centos              7                   3fa822599e10        4 hours ago         204MB
    mariadb             latest              d29cee62e770        27 hours ago        398MB
    nginx               latest              9e7424e5dbae        7 days ago          108MB
    ubuntu              16.04               20c44cd7596f        12 days ago         123MB
    ubuntu              latest              20c44cd7596f        12 days ago         123MB
    ubuntu              14.04               d6ed29ffda6b        12 days ago         221MB
    busybox             latest              6ad733544a63        3 weeks ago         1.13MB
    centos              latest              d123f4e55e12        3 weeks ago         197MB
    alpine              latest              053cde6e8953        3 weeks ago         3.96MB
    [root@docker sshd_ubuntu]# 
    复制代码
    
    

    5.测试镜像,运行容器

    
    
    [root@docker sshd_ubuntu]# docker run -it --name ssh_test -p 10122:22 sshd:ubuntu2 bash
    root@c03d5c93ec84:/# netstat -lnutp|grep 22
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      17/sshd 
    tcp6       0      0 :::22                   :::*                    LISTEN      17/sshd 
    root@c03d5c93ec84:/#
    
    

    宿主机ssh连接:

    
    
    复制代码
    
    
    [root@docker ~]# ssh 10.0.0.31 -p 10122
    The authenticity of host '[10.0.0.31]:10122 ([10.0.0.31]:10122)' can't be established.
    ECDSA key fingerprint is 13:3a:46:78:aa:b0:ac:9b:75:1f:ba:99:82:c6:8b:76.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '[10.0.0.31]:10122' (ECDSA) to the list of known hosts.
    Welcome to Ubuntu 14.04 LTS (GNU/Linux 4.4.0-98-generic x86_64)
    
     * Documentation:  https://help.ubuntu.com/
    
    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.
    
    root@c03d5c93ec84:~# 
     
  • 相关阅读:
    【java/jdbc】求Oracle表中字符串类型、Data类型、TimeStamp类型字段的时间差(时分秒hms形式)
    转贴【Oracle.DBA】Oracle temp表空间爆满的处理方法
    【Oracle/sqlplus】利用Spool批量删除系统中的表
    在Win/Linux如何连续跟踪应用的CPU和内存使用率
    【Java.异常】记一次一千三百万记录的表迁移时发生的异常Java.sql.SQLException,关闭的ResultSet;findColumn
    jdbc连postgresql库时schema设置
    2ESP8266转CAN总线和RS232通讯模块CAN总线通信测试Arduino
    21物联网开发终端管理篇安装PHP,测试GET,POST接口(.Windows系统)
    11物联网开发终端管理篇java从MQTT获取设备数据,并通过Druid连接池把数据写入MySQL数据库(Linux系统,宝塔)
    001STM32+MN316(NBIOT)基本控制篇(阿里云物联网平台)C#,网页,android,微信小程序,单片机等使用MQTT接入阿里云物联网平台
  • 原文地址:https://www.cnblogs.com/xingyunfashi/p/8857093.html
Copyright © 2020-2023  润新知