Docker Community Forums

Injecting ssh keys into containers via script


(Pl3bs) #1

Hi,

I’m in the process of starting up a small hosting company for forum software (the same one running these boards :smiley: ) which is housed in Docker containers. I’m running into difficulties in automating a step which is needed to properly utilize my service in full.

So the function I’m trying to set up from a customer’s standpoint is backup/restore on a remote RAID array. This requires scripting to take place, and the transferring of files from and to the container & remote array. I’m at the point that setting up ssh keys is needed, yet am seeing a bit of weirdness here. Perhaps this is a simple error and someone can point me in the correct direction?

So I can enter the container no problem. I can then ssh-copy-id, but this would need to be done manually. I’ve figured a way to transfer files into the container from the local host it resides within, but am not seeing how to transfer files outside the container elsewhere without prompt.

It seems the easy solution is to copy the keys, yet after I copy to the /root/.ssh directory, the prompt for password still comes up. If I manually ssh-copy-id, it will of course succeed in transferring/connecting without password prompt, but this isn’t a real solution, as it’s not auto-provisioned for the service.

Interestingly, if I delete the files in the /root/.ssh directory, it will still succeed in transferring without prompt. How could this be the case if I’m attempting from the root acct? There seems to be some sort of wonkiness going on here.


(Sebastian Köhlmeier) #2

Hi,

I’m not sure if I know exactly what you want to do.
If I understand you right, you want to place a private key into the docker to connect ssh from the docker to another server without prompting?

So in this case I’m using an ssh key generated on the host, and placed the public key on the remote host.
Then I connected to generate the “known_hosts” file.
If this is done, I’m starting up the container with the -v option to link the 2 files in the right place.

Don’t know if this is the best solution, but it works in my case.
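
The setup described in this post (key and known_hosts prepared on the host, then linked in with -v), as an added example that is not part of the original post: it checks the two files before building read-only mount arguments. The in-container paths under /root/.ssh and the key name id_ed25519 are assumptions, the demo files are constructed placeholders, and docker is not invoked.

```shell
#!/bin/sh
# Added example: validate a host-side key and known_hosts, then print
# read-only `docker run -v` arguments for them.
# Container paths (/root/.ssh/...) and the key name are assumptions.

# Print the octal permission bits of a file (GNU stat, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Accept only owner-only modes (400 or 600) for the private key.
key_mode_ok() {
    case "$(file_mode "$1")" in
        400|600) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the -v arguments, or fail with a reason on stderr.
ssh_mount_args() {
    key=$1
    known_hosts=$2
    [ -f "$key" ] || { echo "missing private key: $key" >&2; return 1; }
    key_mode_ok "$key" || { echo "key mode too open: chmod 600 $key" >&2; return 2; }
    # An empty known_hosts means the first connection would ask to
    # accept the host key, which stalls an unattended script.
    [ -s "$known_hosts" ] || { echo "known_hosts is empty: $known_hosts" >&2; return 3; }
    printf '%s\n' "-v $key:/root/.ssh/id_ed25519:ro -v $known_hosts:/root/.ssh/known_hosts:ro"
}

# Demo on constructed files (no real key material).
demo_dir=$(mktemp -d)
printf 'constructed placeholder, not a real key\n' > "$demo_dir/id_ed25519"
printf 'backup.example.test ssh-ed25519 AAAAconstructed\n' > "$demo_dir/known_hosts"
chmod 644 "$demo_dir/id_ed25519"
ssh_mount_args "$demo_dir/id_ed25519" "$demo_dir/known_hosts" || echo "rejected (exit $?)"
chmod 600 "$demo_dir/id_ed25519"
ssh_mount_args "$demo_dir/id_ed25519" "$demo_dir/known_hosts"
rm -rf "$demo_dir"
```

Inside the container, running ssh with `-o BatchMode=yes` makes a missing or rejected key fail immediately instead of falling back to a password prompt.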


(Pl3bs) #3

Hey Sebastian, thanks for the reply. Sorry I haven’t updated the OP, but I solved the issue a long while ago. It seems there is an alternative directory for the ssh keys on Discourse installs, but it’s not even necessary to mess with them. You can enter the container via:

./launcher enter CID

Most of the scripting happens just outside the container via:

docker exec

I’ve automated remote backups, restores, and failover :+1: and am a week or so away from announcing a beta launch.

Thanks again :smile:

pl3bs