No Description

dependabot[bot] e4724d0abf build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 (#59) 1 year ago
.github e4724d0abf build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 (#59) 1 year ago
CHANGELOG.md e40e029114 sshd: no longer accept RSA keys < 2048 bits for authentication 1 year ago
Dockerfile 06699a0c9d build(deps): bump alpine from 3.18.0 to 3.18.2 (#56) 1 year ago
Makefile e4c6cd4cd0 added makefile to facilitate building, tagging & pushing container images 3 years ago
README.md 93febe8d67 readme samples: consistently use port 2222 5 years ago
docker-compose.yml 86dbe52ebe docker-compose: mount user config including authorized_keys 5 years ago
entrypoint.sh 245f093c25 replace `passwd -u` to avoid empty passwords 5 years ago
openssh-package-log.url cb6050065b upgrade alpine base image from v3.17.3 to v3.18.0 including upgrade of openssh-server package from v9.1_p1-r2 to v9.3_p1-r3 (see below) 1 year ago
openssh-release-notes.url a36338c425 upgrade alpine base image v3.13.2->3.13.3 including openssh-server package upgrade v8.4_p1-r2->v8.4_p1-r3 (diff links below, CVE-2020-14145 only relevant for clients) 3 years ago
sshd_config e40e029114 sshd: no longer accept RSA keys < 2048 bits for authentication 1 year ago

README.md

Docker: OpenSSH-Server Restricted to TCP Forwarding 🐳

Docker Hub: https://hub.docker.com/r/fphammerle/ssh-bastion

Example: Share Web Server

bastion $ docker run --name ssh-bastion -p 2222:22 -e USERS=alice,bob fphammerle/ssh-bastion
bastion $ docker cp alice-keys ssh-bastion:/home/alice/.ssh/authorized_keys
bastion $ docker cp bob-keys ssh-bastion:/home/bob/.ssh/authorized_keys
alice $ ssh -N -R 28080:localhost:8080 -p 2222 bastion
bob $ ssh -N -L 8081:localhost:28080 -p 2222 bastion
bob $ curl http://localhost:8081/hello_bob.html

Example: SSH Jump Host

$ docker run --name ssh-bastion \
    --publish 2222:22 --env USERS=alice,bob \
    --volume bastion-host-keys:/etc/ssh/host_keys \
    --volume alice-ssh-config:/home/alice/.ssh:ro \
    --volume bob-ssh-config:/home/bob/.ssh:ro \
    --init --rm \
    fphammerle/ssh-bastion
$ ssh -N -R 22221:localhost:22 -p 2222 alice@bastion
$ ssh -J bob@bastion:2222 -p 22221 localhost

Docker Compose 🐙

  1. git clone https://github.com/fphammerle/docker-ssh-bastion
  2. Adapt $USERS and volumes in docker-compose.yml
  3. docker-compose up