SSH from one container to another container

I want to create a network of containers in which one central container should be able to ssh into all other containers. I know that it’s not advised to ssh from one container to another, and we can use volumes for data sharing, but in my production network there is a script which sshes into some system and does something. So I want to simulate the same environment using containers so that I can test new features and add them to the production network.

1 Like

Hi :slight_smile:

So what’s the question? :slight_smile:

Sure, it can be done by starting sshd in the containers. Are these purely ssh-only containers, or will the containers run some other service?

2 Likes

Purely ssh-only containers. @terpz Can you please help me to do it? I ran two containers with ssh running on both. I am able to ssh from the host to both containers, but I am not able to ssh from one container to another. I tried so many different ways but I failed :disappointed_relieved:.

  • The Dockerfile I am using is:

    FROM ubuntu:16.04
    RUN apt-get update
    RUN apt-get install -y netcat ssh iputils-ping
    EXPOSE 22

  • In the container I am running the commands below:
    root@d0b0e44f7517:/# mkdir /var/run/sshd
    root@d0b0e44f7517:/# chmod 0755 /var/run/sshd
    root@d0b0e44f7517:/# /usr/sbin/sshd
    root@d0b0e44f7517:/#
    root@d0b0e44f7517:/# useradd --create-home --shell /bin/bash --groups sudo u2
    root@d0b0e44f7517:/# passwd u2
    Enter new UNIX password:
    Retype new UNIX password:
    passwd: password updated successfully
    root@d0b0e44f7517:/#
    root@d0b0e44f7517:/#

I made two containers; both are the same except that one has user u1 and the other has user u2, as shown above. After this, I tried to ssh from the host to a container using the command ssh -X u2@localhost -p 32773 (32773 is a port which is mapped to the container’s port 22). So ssh works from the host to a container, but I am not able to ssh from one container to another container.

1 Like

I also have this problem. In our team we have a few servers and one central server which sshes into all the other servers and monitors them. So whenever I want to make some changes, I have to test them on the production network, which is dangerous. I want to make a network of containers in which one of them sshes into all the other containers and monitors them or makes changes using ansible. For that, ssh is mandatory. So @terpz, waiting for your answer :smiley:.

1 Like

I want to do something like this

Google Photos

1 Like

I will answer Monday, I’m on a trip until then :slight_smile:

But there are many ssh-only containers on Docker Hub, or are your requirements different?

2 Likes

I only want to ssh from one container to another, and both containers should use the Ubuntu base image. @tandeldipak posted a Dockerfile which builds an Ubuntu image that has ssh & ip functionality; it can be considered for making the containers, and those containers should be able to ssh into one another. @terpz enjoy your trip :hotel: we will discuss on Monday.

1 Like

@terpz Please build an image from the above Dockerfile. It will be helpful for me as well as @uc123.

Hi again.

Every container is isolated, so you need to join them somehow. The old way was to use links, but now the way would be to create a shared network between the containers.

With this Dockerfile:

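    FROM ubuntu:16.04
    # Install sshd and network tools, create sshd's runtime directory,
    # and add user u2 with a hashed password
    RUN apt-get update && \
        apt-get install -y netcat ssh iputils-ping && \
        mkdir /var/run/sshd && \
        chmod 0755 /var/run/sshd && \
        useradd -p $(openssl passwd -1 u2password) --create-home --shell /bin/bash --groups sudo u2

    EXPOSE 22

    # Run sshd in the foreground so the container stays up
    CMD ["/usr/sbin/sshd", "-D"]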

And this docker-compose.yml:

You can run this command, if you have docker-compose installed, else: Overview of installing Docker Compose | Docker Docs

    › docker-compose.exe up -d
    Creating network "sshtest_sshtest" with the default driver
    Creating sshtest_container1_1 ...
    Creating sshtest_container1_1 ... done
    Creating sshtest_container2_1 ... done

Then if you check your "docker ps" you will see that there are now 2 containers.
Connect to one of them and you should be able to ssh to container1/container2 with the login (u2 / u2password).

3 Likes
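
A compose file consistent with the output in the answer above, as an added example; it is not the original poster's docker-compose.yml. The service and network names are inferred from that output, while the project directory name sshtest, the build context and the loopback port 2221 are assumptions.

```yaml
# Added example, not the compose file from the original answer.
# Assumption: this file and the Ubuntu Dockerfile above sit together in a
# directory named "sshtest", which gives the "sshtest_" prefix in the output.
version: "3"

services:
  container1:
    build: .                 # assumption: image built from the Dockerfile above
    hostname: container1
    networks:
      - sshtest
    # Optional host access for testing. Bound to loopback only, because the
    # image carries a fixed password (u2 / u2password). Port 2221 is an
    # arbitrary choice for this example.
    ports:
      - "127.0.0.1:2221:22"

  container2:
    build: .
    hostname: container2
    networks:
      - sshtest
    # No "ports:" entry: container1 reaches container2 on port 22 directly
    # over the shared network, so nothing needs to be published on the host.

networks:
  # User-defined network with the default driver; created by compose as
  # "sshtest_sshtest". Containers attached to it resolve each other by
  # service name.
  sshtest: {}
```

With both services on the same user-defined network, Docker's embedded DNS resolves the service names, so from a shell in container1 the command ssh u2@container2 reaches the second container without any published port.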

Hi @terpz I need a little help with alpine image. Are you familiar with that?

Depends on what you need help with?

So, I made an alpine image with this Dockerfile …but when I create containers it always gives me sshd keys are missing and when I check sshd_config, it’s empty.
Dockerfile:
    FROM alpine:latest

    # based on https://docs.docker.com/engine/examples/running_ssh_service/

    RUN apk add --update ; apk add --no-cache \
        util-linux \
        iproute2 \
        net-tools \
        iputils \
        iperf \
        tcptraceroute \
        openssh-server
    RUN mkdir /var/run/sshd
    RUN echo 'root:doker' | chpasswd
    RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
    RUN echo 'PermitRootLogin yes' | cat >> /etc/ssh/sshd_config

    # SSH login fix. Otherwise user is kicked off after login

    #RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
    EXPOSE 22
    CMD ["/usr/sbin/sshd", "-D"]

I have no idea where I am going wrong. If possible, please help.

Hi @terpz
I have two applications which are running in separate Docker containers.
Running OB-BAA (open source Broadband Forum project) in one container.
Running my application in another container. My use case is to establish an ssh connection between my application and OB-BAA. I’m using libssh2 in my application for establishing a connection.
When I run my application from the host machine, I’m able to connect to the OB-BAA container.
But when I tried to run my application in a separate CentOS Docker container, libssh2_session_handshake failed while establishing a connection, with error code -8 (LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE).
I’m not sure why the key exchange failed when running inside Docker.
I tried the following ways:

  1. Generated the ssh key again with ssh-keygen.
  2. Copied the /root/.ssh folder from my Linux machine to Docker.
  3. Shared the ssh-agent between the host machine and Docker by adding the below to the docker-compose file:

    environment:
      - SSH_AUTH_SOCK=/ssh-agent
    volumes:
      - ${SSH_AUTH_SOCK}:/ssh-agent

Below is my Dockerfile

    FROM centos:7
    EXPOSE 6653

    RUN yum -y update && \
        yum -y groupinstall 'Development Tools' && \
        yum -y install vim mlocate flex flex-devel net-tools gdb screen && \
        yum -y install autoconf libtool && \
        yum -y install libssh2 libssh2-devel libxml2-devel openssl-devel readline-devel ncurses-devel && \
        yum -y install initscripts

    RUN mkdir -p /var/run/sshd
    RUN yum -y update
    RUN yum install -y openssh-server
    RUN ssh-keygen -A
    RUN ssh-keygen -t rsa

I tried running sshd in Docker with:

    /usr/sbin/sshd -D

None of the above methods worked for me.
Am I missing anything that needs to be done inside Docker?