위키
포럼
도구
바뀐글
랜덤

SSH 접속 가능한 알파인 도커 이미지 빌드

1 개요[ | ]

SSH 접속 가능한 alpine 도커 이미지 빌드
SSH 접속 가능한 알파인 도커 이미지 빌드

2 dockerfile 작성[ | ]

vi Dockerfile
패스워드 로그인 가능
FROM alpine
RUN set -x \
&& apk add --no-cache openssh \
&& sed 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' -i /etc/ssh/sshd_config \
&& echo 'root:P@ssw0rd' | chpasswd \
&& ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa \
&& ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa \
&& mkdir -p /var/run/sshd
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]
RSA 개인키 로그인 가능
FROM alpine
RUN set -x \
&& apk add --no-cache openssh \
&& echo 'root:P@ssw0rd' | chpasswd \
&& ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa \
&& mkdir -p ~/.ssh/ \
&& echo 'ssh-rsa AAAAB3Nza**공개키생략**REDACTED' > ~/.ssh/authorized_keys
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]

3 docker build[ | ]

rootr@localhost:~# docker build -t ssh_alpine .
Sending build context to Docker daemon  3.072kB
Step 1/9 : FROM alpine
latest: Pulling from library/alpine
aad63a933944: Pull complete                                                                                                                                                                                  Digest: sha256:b276d875eeed9c7d3f1cfa7edb06b22ed22b14219a7d67c52c56612330348239
Status: Downloaded newer image for alpine:latest
 ---> a187dde48cd2
Step 2/9 : RUN apk add --no-cache openssh
 ---> Running in 1860979e8030
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz
(1/9) Installing openssh-keygen (8.1_p1-r0)
(2/9) Installing ncurses-terminfo-base (6.1_p20200118-r2)
(3/9) Installing ncurses-libs (6.1_p20200118-r2)
(4/9) Installing libedit (20191211.3.1-r0)
(5/9) Installing openssh-client (8.1_p1-r0)
(6/9) Installing openssh-sftp-server (8.1_p1-r0)
(7/9) Installing openssh-server-common (8.1_p1-r0)
(8/9) Installing openssh-server (8.1_p1-r0)
(9/9) Installing openssh (8.1_p1-r0)

... (생략)

+---[DSA 1024]----+
|       .  ..o oo+|
|        o.+..+ +@|
|       . B.+  ==O|
|        +o+ .o O*|
|        S .oE.* +|
|           .oo...|
|             . oo|
|              o.*|
|               ==|
+----[SHA256]-----+
Removing intermediate container 42728c86c409
 ---> 1321a005abb7
Step 7/9 : RUN mkdir -p /var/run/sshd
 ---> Running in 3fd19eb80a8f
Removing intermediate container 3fd19eb80a8f
 ---> 918cc9ab3b27
Step 8/9 : EXPOSE 22
 ---> Running in d2678c47caca
Removing intermediate container d2678c47caca
 ---> 36015df6782c
Step 9/9 : CMD ["/usr/sbin/sshd","-D"]
 ---> Running in 4d371c311375
Removing intermediate container 4d371c311375
 ---> b5544ed76d0a
Successfully built b5544ed76d0a
Successfully tagged ssh_alpine:latest
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.

$ docker image list
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ssh_debian          latest              3eae6b65c4b5        50 minutes ago      172MB
debian              latest              58075fe9ecce        11 days ago         114MB

4 docker run[ | ]

rootr@localhost:~# docker run -d -P --name test ssh_alpine
f09dc57a6846af4d526f013ad301ec159c86f2110b6d14ef014f89e28b5ad803

rootr@localhost:~# docker ps
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
f09dc57a6846        ssh_alpine          "/usr/sbin/sshd -D"   3 seconds ago       Up 3 seconds        0.0.0.0:32779->22/tcp   test

rootr@localhost:~# docker exec -it test /bin/sh                                                                                                                                               / # ps -ef
PID   USER     TIME  COMMAND
    1 root      0:00 /usr/sbin/sshd -D
    6 root      0:00 sshd: root@pts/0
    8 root      0:00 -ash
   10 root      0:00 /bin/sh
   15 root      0:00 ps -ef

/ # cat /etc/ssh/sshd_config | grep PermitRoot
PermitRootLogin yes
# the setting of "PermitRootLogin without-password".

/ # exit
rootr@localhost:~#

5 SSH 로그인 테스트[ | ]

rootr@localhost:~# docker ps                                                                                             
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
e8ca671afa2a        ssh_debian          "/usr/sbin/sshd -D"   16 minutes ago      Up 16 minutes       0.0.0.0:32770->22/tcp   ssh_debian_hello

rootr@localhost:~# ssh root@localhost -p 32779
The authenticity of host '[localhost]:32779 ([127.0.0.1]:32779)' can't be established.
RSA key fingerprint is SHA256:sfKOXeGWYaBCjEMFwOX3aDBE/RFSp323LqO6ndEF5xA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:32779' (RSA) to the list of known hosts.

root@localhost's password: P@ssw0rd
Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general
information about administrating Alpine systems.
See <http://wiki.alpinelinux.org/>.

You can setup the system with the command: setup-alpine

You may change this message by editing /etc/motd.

f09dc57a6846:~# ps -ef
PID   USER     TIME  COMMAND
    1 root      0:00 /usr/sbin/sshd -D
    6 root      0:00 sshd: root@pts/0
    8 root      0:00 -ash
    9 root      0:00 ps -ef
f09dc57a6846:~#

f09dc57a6846:~# exit
Connection to localhost closed.
rootr@localhost:~#

6 뒷정리[ | ]

docker rm -f test
docker rmi ssh_alpine

7 같이 보기[ | ]

원본 주소 "https://zetawiki.com/w/index.php?title=SSH_접속_가능한_알파인_도커_이미지_빌드&oldid=803297"
문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}