Docker Community Forums

Share and learn in the Docker community.

Issues with gitlab-ce and SSH

docker

(Zer0w1re) #1

I am having a weird problem with this container. I know it is specific to gitlab so I’m not sure how much experience you might have with that, but I don’t know if it is a problem with a docker config file or what.

So, I have a gitlab-ce container, and I am trying to be able to connect via SSH (to push and pull to repos). I have port 2222 on my host machine mapped to port 22 on the container. I’ve logged into the container while it was running and verified that the sshd daemon was running, as well as permissions to .ssh/authorized_hosts and related files. Everything should be working fine. But, when I try to login from my desktop, to git@ip:2222, it gives me the error Connection reset by <IP>.

Weird part is, I can connect just fine if I try to SSH from the docker host into the container. This works with the container’s local IP, the host machine’s domain name, and the host machine’s public IP.

This is running on an AWS instance, so I have verified that the security-group allows for port 2222, and I have also completely flushed iptables so there are no ports being blocked by the host.

WEIRDER PART :slight_smile: When I am on my desktop, and I run nc <IP> 2222, what do I get? Oh yes, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 a nice SSH banner. So, my desktop can definitely see the sshd service running inside the container!

I am just completely baffled by this, and I’ve been trying various stuff around the internet all day and I am really hoping someone here can point me in the right direction. :slight_smile:

If you need me to post any configuration files or logs, let me know and I’ll add them!


(Nathan Le Claire) #2

You have added your public key to ~/.ssh/authorized_keys?

Does the SSH server support public key authentication in its configuration?

What’s the output (please https://gist.github.com, don’t post here) of ssh -vvv from the failing operation? This will tell you more about what is going wrong since the port seems accessible.

BTW, I think this is where I’m supposed to tell you not to run SSH in containers :wink:


(Zer0w1re) #3

Hey! Thanks for taking the time to reply.

Embarrassingly enough, I discovered that it was actually my campus network blocking the connection… VPN to my home and it works fine.

I guess I didn’t really check since I was able to see the SSH banner with netcat. I’m still baffled by that, to be honest, but hey it works!

I know it is conventional not to run SSH in containers, but I was running a gitlab-ce container, and I wanted to be able to push/pull to repos via SSH, not HTTP/S.

Thanks again for the response :slight_smile:


(Nathan Le Claire) #4

shakes fist Netwoooooooork!!!