Speaking before landing container can attach and by two exec command, but if you encounter scene requires remote login via ssh container, you need to manually add the ssh service.
Here are two ways to create a mirror with ssh services, commit command creates and is created by Dockerfile.
First, create a mirror commit command
docker provides a docker commit command, allowing users to submit their own modifications to the container, and generate a new image. The command format is docker commit CONTAINER [REPOSITORY [: TAG]].
Here's how to ubuntu: 18.04 Mirror added SSH service process.
1.1, ready to work
First, get ubuntu18: 04 Mirror and create a container
$ docker pull ubuntu:18.04 $ docker run -it ubuntu:18.04 bash
1.2, configuration software source
If too slow official source can be replaced by domestic sources, for example here at the source Ali
First, the backup file /etc/apt/sources.list, and then replace the contents.
root@99c04606894d:/# cp /etc/apt/sources.list /etc/apt/sources.list.bak root@99c04606894d:/# echo "deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse" > /etc/apt/sources.list root@99c04606894d:/# echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse" >> /etc/apt/sources.list root@99c04606894d:/# echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse" >> /etc/apt/sources.list
Software update information source
root@99c04606894d:/# apt-get update
1.3, install and configure SSH service
Install openssh-server
root@99c04606894d:/# apt install openssh-server
In order to serve normal start, you need to create the directory / var / run / sshd
root@99c04606894d:/# mkdir -p /var/run/sshd
Background start the service:
root@99c04606894d:/# /usr/sbin/sshd -D &
Want to use netstat to see ssh port 22 occupied service, but found no command, you need to first install the required software, using the apt-file viewing software needs to be installed.
@ 99c04606894d root: / # APT-GET install APT- File following this step must be done root @ 99c04606894d: / # APT- File Update root @ 99c04606894d: / # APT- File Search / bin / netstat NET -tools: / bin / the netstat the netstat -nat: / usr / bin / the netstat-NAT
You can see the net-tools package needs to be installed, install the package and view ports:
root@99c04606894d:/# apt-get install net-tools root@99c04606894d:/# netstat -an | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN
Modify SSH security services landing configuration, cancel pam landing restrictions:
root@99c04606894d:/# sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
Create the .ssh directory in the container root user's home directory, and copy the public key information required landing (usually host the user's home directory .ssh / id_rsa.pub file can be generated using ssh-keygen -t rsa command) to the authorized_keys file in:
root@99c04606894d:/# mkdir root/.ssh
root@99c04606894d:/# vi /root/.ssh/authorized_keys
If there is no vi command, you can install vim tool, apt-get install vim
Create an executable file to automatically start the SSH services run.sh, and add executable permissions
root@99c04606894d:/# touch /run.sh root@99c04606894d:/# chmod +x /run.sh root@99c04606894d:/# vi /run.sh #!/bin/bash /usr/sbin/sshd -D
Finally, exit the container:
root@ce21cd862b7e:/# exit
1.4, save image
View container
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 99c04606894d ubuntu:18.04 "bash" About an hour ago Exited (0) 9 seconds ago elegant_mendeleev
Generate a new image sshd: ubuntu
$ docker commit 99c04606894d sshd:ubuntu
sha256:275da5f9600434f238c2d455a8fd103e0c55ad5c6113d2739a56839985832363
View Mirror
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE sshd ubuntu 275da5f96004 7 seconds ago 494MB
1.5, using a mirror
Starting container, and mapping the host port 22 to the container port 10022:
$ docker run -p 10022:22 -d sshd:ubuntu /run.sh ce21cd862b7edc64c0cd3853dc4a7c2fffe977a21254cd4b866748dac516b371
View container
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ce21cd862b7e sshd:ubuntu "/run.sh" 4 seconds ago Up 2 seconds 0.0.0.0:10022->22/tcp fervent_jennings
Landing container, no need to enter a password to login
$ ssh root@192.168.121.121 -p 10022
The authenticity of host '[192.168.121.121]:10022 ([192.168.121.121]:10022)' can't be established. ECDSA key fingerprint is SHA256:a5DBqdYJ+WuBgJh5GhRb/fXgrtZcgDpL0dzZZqzKy88. ECDSA key fingerprint is MD5:e2:d3:99:0b:d4:ce:9e:ea:f2:4b:18:d9:25:8d:08:fe. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.121.121]:10022' (ECDSA) to the list of known hosts. Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 3.10.0-693.el7.x86_64 x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage This system has been minimized by removing packages and content that are not required on a system that users do not log into. To restore this content, you can run the 'unminimize' command. The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@18ff1392f000:~#
Second, the use Dockerfile create
2.1, create a working directory
First, create a working directory sshd_ubuntu
$ mkdir sshd_ubuntu
Creating Dockerfile and run.sh
$ cd sshd_ubuntu/ $ touch Dockerfile run.sh $ vi run.sh #!/bin/bash /usr/sbin/sshd -D
2.2, write authorized_keys file
Generated on the SSH host key pair and create authorized_keys file:
$ ssh-keygen -t rsa $ cat ~/.ssh/id_rsa.pub >authorized_keys
2.3, write Dockerfile
$ We Dockerfile
# Settings are inherited mirroring the FROM ubuntu: 18.04 # to provide some information about the author MAINTAINER shangxiaozhou ([email protected]) # starts running the following command to change the source of ubuntu here for domestic source Ali RUN echo " deb HTTP: // Mirrors. Bionic main Tel Restricted Universe Multiverse aliyun.com/ubuntu/ " > / etc / APT / sources.list RUN echo " deb-src http://mirrors.aliyun.com/ubuntu/ Bionic main Tel Restricted Universe Multiverse " >> / etc / APT / sources.list RUN echo " deb http://mirrors.aliyun.com/ubuntu/ Bionic-Security main Tel Restricted Universe Multiverse " >> / etc / APT / sources.list RUNecho "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse" >> /etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse" >> /etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse" >> /etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse" >> /etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse" >> /etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse" /etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse" >> /etc/apt/sources.list RUN apt-get update # 安装ssh服务 RUN apt-get install -y openssh-server RUN mkdir-p / var / RUN / the sshd the RUN mkdir -p / the root /. SSH the RUN Sed -ri ' S / required pam_loginuid.so/#session the session required pam_loginuid.so/g ' /etc/pam.d/ the sshd # copy configuration files to the appropriate location, and given the script executable permissions to the ADD authorized_keys / root /. SSH / authorized_keys the ADD RUN. SH / RUN. SH RUN chmod 755 / RUN. SH # open ports EXPOSE 22 # set from the start command CMD [ " / RUN .sh " ]
2.4, create a mirror
$ docker build -t sshd:dockerfile .
View mirror created
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE sshd dockerfile 828c78d68a36 9 seconds ago 231MB ubuntu 18.04 4c108a37151f 4 weeks ago 64.2MB
2.5, running container
$ docker run -d -p 10022:22 sshd:dockerfile b45d884c2cbb591fe97a34064c2b9ee09ffedf1cff22e992df0c582a99da2011
View container created
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b45d884c2cbb sshd:dockerfile "/run.sh" 3 seconds ago Up 2 seconds 0.0.0.0:10022->22/tcp lucid_brown
Log container
$ ssh root@192.168.121.121 -p 10022 Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 3.10.0-693.el7.x86_64 x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage This system has been minimized by removing packages and content that are not required on a system that users do not log into. To restore this content, you can run the 'unminimize' command. The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@b45d884c2cbb:~#
If no password to prevent root direct container, can be annotated ADD authorized_keys /root/.ssh/authorized_keys this step, use the following command instead, to create a common account and password, set the root password
RUN useradd dkuser
RUN echo "dkuser: 123456" | chpasswd
RUN echo "root: 123456" | chpasswd
In this case you can only log in container by ordinary accounts dkuser, and then go to the root user.