当前位置：首页 > news >正文

用 Dockerfile为镜像添加SSH服务

news 2025/8/20 14:52:56

1、基础镜像ubuntu:18.04

2、替换为国内的安装源

3、安装openssh-server

4、允许root用户远程登陆

5、暴露端口22

6、服务开机自启动

1.创建目录

[root@openEuler-node1 db]# mkdir sshd_ubuntu

2.创建 Dockerfile、 run.sh 、authorized_keys、vim aliyun.list 文件

[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# touch Dockerfile run.sh authorized_keys vim aliyun.list

3.在宿主主机上生成 SSH 密钥对,写入authorized_keys

[root@openEuler-node1 ~]# ssh-keygen -t rsa
[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# cat ~/.ssh/id_rsa.pub > authorized_keys

4.编写更改Ubuntu的源为国内aliyun源

[root@openEuler-node1 sshd_ubuntu]# vim aliyun.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse

5.编写run.sh

#!/bin/bash
/usr/sbin/sshd -D

5.编写 Dockerfile

[root@openEuler-node1 sshd_ubuntu]# vim Dockerfile FROM ubuntu:18.04
MAINTAINER yuj<yj@qq.com>COPY aliyun.list /etc/apt/sources.list.d/aliyun.list
RUN apt update && \apt install -y openssh-server && \mkdir /var/run/sshd && \sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd && \mkdir /root/.ssh
COPY authorized_keys /root/.ssh/
COPY run.sh /run.sh
RUN chmod 755 /run.shEXPOSE 22
CMD ["/run.sh"]

6.制作镜像并启动容器

[root@openEuler-node1 sshd_ubuntu]# docker build -t sshd:ubuntu_v1 ./
[root@openEuler-node1 sshd_ubuntu]# docker run -d -P sshd:ubuntu_v1

7.查看容器运行状态

[root@openEuler-node1 sshd_ubuntu]# docker ps 
CONTAINER ID   IMAGE            COMMAND                   CREATED             STATUS             PORTS                                     NAMES
3df76cc3dedd   sshd:ubuntu_v1   "/run.sh"                 6 seconds ago       Up 5 seconds       0.0.0.0:32776->22/tcp, :::32776->22/tcp   vigorous_williamson

8.用ssh连接登陆这个容器

[root@openEuler-node1 sshd_ubuntu]# ssh 192.168.136.55 -p 32776
The authenticity of host '[192.168.136.55]:32776 ([192.168.136.55]:32776)' can't be established.
ED25519 key fingerprint is SHA256:PCuiPOPbts35IzrOQ3PvZsU0+W+i7O1zheVc1XmDgHU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.136.55]:32776' (ED25519) to the list of known hosts.
Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 5.10.0-182.0.0.95.oe2203sp3.x86_64 x86_64)
root@3df76cc3dedd:~#

查看全文

http://www.lryc.cn/news/311291.html