
init openssh-server

Fabian Peter Hammerle 5 years ago
commit
2f57d351c4
4 changed files with 92 additions and 0 deletions
  1. 18 0
      Dockerfile
  2. 23 0
      README.md
  3. 25 0
      entrypoint.sh
  4. 26 0
      sshd_config

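--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+FROM alpine:3.8
+
+RUN apk add --no-cache openssh-server
+
+ENV SSHD_HOST_KEYS_DIR /etc/ssh/host_keys
+VOLUME $SSHD_HOST_KEYS_DIR
+
+COPY sshd_config /etc/ssh/sshd_config
+
+# comma-separated list of usernames
+ENV USERS ""
+
+EXPOSE 22/tcp
+
+COPY entrypoint.sh /
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["/usr/sbin/sshd", "-D", "-e"]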
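Review bot: `apk add --no-cache openssh-server` is unpinned, so two builds of the same Dockerfile can produce images with different sshd builds; `apk add --no-cache openssh-server=<pinned-version-r0>` (placeholder for the Alpine 3.8 package version) keeps the image reproducible and makes a later bump an explicit, reviewable change. `ENV SSHD_HOST_KEYS_DIR /etc/ssh/host_keys` and `ENV USERS ""` use the legacy space-separated form; `ENV SSHD_HOST_KEYS_DIR=/etc/ssh/host_keys` and `ENV USERS=""` are the form current build checks accept without a warning. The final stage has no USER directive, which is presumably deliberate because sshd binds port 22 and switches identities itself, but a one-line comment above the CMD saying `# sshd must start as root (privilege separation drops to the login user)` would save the next reviewer from flagging it.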

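--- a/README.md
+++ b/README.md
@@ -0,0 +1,23 @@
+# docker: openssh-server
+
+## example 1
+
+```sh
+$ docker run --name=rsync-sshd -p 2022:22 -e USERS=alice,bob fphammerle/rsync-sshd
+$ docker cp alice-keys rsync-sshd:/home/alice/.ssh/authorized_keys
+$ docker cp bob-keys rsync-sshd:/home/bob/.ssh/authorized_keys
+```
+
+## example 2
+
+```
+$ docker run --name rsync-sshd \
+    --publish 2022:22 --env USERS=alice,bob \
+    --volume host-keys:/etc/ssh/host_keys \
+    --volume alice-ssh-config:/home/alice/.ssh:ro \ 
+    --volume bob-ssh-config:/home/bob/.ssh:ro \ 
+    --init --rm \
+    fphammerle/rsync-sshd
+$ ssh -l alice -p 2022 localhost id
+uid=1000(alice) gid=1000(alice) groups=1000(alice)
+```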

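--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+
+if [ ! -f "$SSHD_HOST_KEYS_DIR/rsa" ]; then
+    ssh-keygen -t rsa -b 4096 -N '' -C '' -f "$SSHD_HOST_KEYS_DIR/rsa"
+fi
+
+if [ -z "$USERS" ]; then
+    echo '$USERS is not set'
+    exit 1
+fi
+
+IFS=','
+for USER in $USERS; do
+    if ! id "$USER" 2>/dev/null >/dev/null ; then
+        (set -x; adduser -D "$USER")
+        passwd -u "$USER" 2>/dev/null
+    fi
+done
+
+set -x
+
+sed -i "s/^AllowUsers .*/AllowUsers ${USERS//,/ }/" /etc/ssh/sshd_config
+
+exec "$@"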
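Review bot: `${USERS//,/ }` on the sed line is a bash-style pattern substitution that POSIX sh does not define, so under the `#!/bin/sh` shebang the script relies on BusyBox ash being built with bash compatibility; on a stricter /bin/sh it is a syntax error and, with `set -e`, AllowUsers would never be rewritten. A portable form is `sed -i "s/^AllowUsers .*/AllowUsers $(printf '%s' "$USERS" | tr ',' ' ')/" /etc/ssh/sshd_config`. The names are also spliced into the sed expression unescaped, and the loop only hands them to adduser when the account does not already exist, so a value containing `/` or `&` reaches sed unchecked; a guard inside the loop such as `case "$USER" in *[!a-z0-9_.-]*) echo "invalid user name: $USER" >&2; exit 1;; esac` closes that gap. `IFS=','` also stays in effect for the rest of the script; it is harmless for the quoted `"$@"` but `unset IFS` after the loop makes that explicit.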

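--- a/sshd_config
+++ b/sshd_config
@@ -0,0 +1,26 @@
+Protocol 2
+
+# LogLevel VERBOSE
+
+HostKey /etc/ssh/host_keys/rsa
+
+# https://cipherli.st/
+KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
+
+PermitRootLogin no
+PasswordAuthentication no
+StrictModes no
+# separated by spaces
+AllowUsers _
+
+AllowAgentForwarding no
+AllowTcpForwarding no
+GatewayPorts no
+X11Forwarding no
+PermitUserEnvironment no
+PermitTTY no
+PrintMotd no
+
+# TODO consider chroot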
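Review bot: `StrictModes no` disables sshd's ownership and permission checks on the login user's home directory, `~/.ssh` and `authorized_keys`, so a key file that is group- or world-writable is still honoured and anyone able to write it can add a login key; the default `StrictModes yes` is the safer setting. It presumably works around ownership of files placed with `docker cp` or mounted read-only as the README shows, which is better fixed by chown-ing `/home/<user>/.ssh` to the user in the entrypoint, or at least documented with a comment such as `# StrictModes off because authorized_keys may be copied in with foreign ownership` so the trade-off is visible. Only one `HostKey` (RSA) is configured; an additional `HostKey /etc/ssh/host_keys/ed25519`, with a matching `ssh-keygen -t ed25519` call in the entrypoint, gives clients a modern key type to pin. `Protocol 2` is, as far as I recall, accepted but ignored by the OpenSSH release Alpine 3.8 ships, so it could be dropped or annotated as a no-op.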