0%

Docker容器中配置sshd服务

以前我们要做一个实验,需要安装虚拟机,安装需要耗费一定的时间,就算是复制虚拟机,也会占用大量磁盘空间。现在我们只需要创建一个CentOS的Docker容器就可以了,比较方便。

拉取操作系统镜像

这里我们采用CentOS

1
docker pull centos

centos镜像拉取到本地后,我们查看一下

1
2
3
docker images 
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 67fa590cfc1c 6 weeks ago 202MB

运行容器并进入容器

1
2
docker run -it centos bash
[root@ca6a84a514c2 /]#

修改yum源

如果是在公司内网环境,需要改为内网的源。如果是国外的源,也可以换成国内的源。
具体方法请参考 将Centos7的yum源更换为国内阿里云的源

安装所需软件

安装ip工具

1
yum install -y iproute

安装ssh软件

1
yum install -y openssh-server openssh-clients

会有ssh相关软件被拷贝到/usr/sbin目录

需要软件sshd的绝对路径去启动sshd服务,不然会报如下错误。

1
2
./sshd
sshd re-exec requires execution with an absolute path

输入全路径执行命令,继续出现错误,如下:

1
2
3
4
5
/usr/sbin/sshd
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.

执行sshd-keygen命令解决上述问题

1
2
3
4
/usr/sbin/sshd-keygen 
Generating SSH2 RSA host key: [ OK ]
Generating SSH2 ECDSA host key: [ OK ]
Generating SSH2 ED25519 host key: [ OK ]

给root生成一个密码

1
2
3
4
5
6
passwd root
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.

启动sshd服务

1
2
3
/usr/sbin/sshd
[root@ca6a84a514c2 sbin]# ps -ef | grep sshd
root 108 1 0 09:14 ? 00:00:00 /usr/sbin/sshd

验证sshd服务

1
2
3
4
5
ssh root@localhost
root@localhost's password:
Last failed login: Sun Sep 29 09:16:59 UTC 2019 from localhost on ssh:notty
There were 3 failed login attempts since the last successful login.
Connection to localhost closed.

会遇到连不上去的问题,这时,需要修改/etc/ssh/sshd_config配置。

把里面的UsePAM yes改为UsePAM no

杀掉之前sshd进程后,再次启动

1
2
/usr/sbin/sshd
WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several problems.

这时就可以成功登录了。

1
2
3
root@localhost
root@localhost's password:
Last login: Sun Sep 29 09:20:41 2019 from localhost

生成一个新的镜像

退出容器,并查看容器id

1
2
3
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ca6a84a514c2 centos "bash" 34 minutes ago Exited (255) 11 seconds ago musing_goodall

生成一个新的镜像

1
2
docker commit ca6a84a514c2 basic_centos 
sha256:2f965d1db627968f66bf968db7c052f1dec02b84a0b508ef896b3c8d93f97fb7

查看镜像

1
2
3
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
basic_centos latest 2f965d1db627 26 seconds ago 284MB

运行镜像

1
docker run -dit basic_centos /usr/sbin/sshd -D

此时,就可以通过ssh client连接上去了。