I am having docker Demon running on a ubuntu ec2 host.
I am able to setup an sshd conatainer on this ubuntu ec2 host and able to ssh in from the docker host .i.e.
ubuntu@ip-172-16-27-205:~/docker-work$ sudo docker run -d -P --name ssh-enabled ssh-enabled
bb7f535124b3df403ae97da770fe2e4a4969a7ecddfb5d546aaddfe00e40374d
ubuntu@ip-172-16-27-205:~/docker-work$ sudo docker port ssh-enabled
22/tcp -> 0.0.0.0:32768
ubuntu@ip-172-16-27-205:~/docker-work$ ssh [email protected] -p 32768
The authenticity of host '[127.0.0.1]:32768 ([127.0.0.1]:32768)' can't be established.
ECDSA key fingerprint is e6:74:aa:52:8e:3d:19:7a:92:da:85:d4:b9:f9:ed:f1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:32768' (ECDSA) to the list of known hosts.
[email protected]'s password:
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.19.0-30-generic x86_64)
* Documentation: https://help.ubuntu.com/
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
root@bb7f535124b3:~#
However I am not sure how could I connect to this container from outside docker host.
I can ssh to docker host from an outside machine like below
ssh -i /home/xxxxxx/xxxxxxxxx.pem [email protected]
however I wish to ssh directly to container
docker container is up as shown with below command response
ubuntu@ip-172-16-27-205:~/docker-work$ sudo docker ps -as
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE
bb7f535124b3 ssh-enabled "/usr/sbin/sshd -D" 8 minutes ago Up 8 minutes 0.0.0.0:32768->22/tcp ssh-enabled 32.51 kB (virtual 868.4 MB)
as the docker host is listening on port 32768 When I try to ssh container with user root it fails
rbharadwaj@syd01-devops-ansible02:~$ ssh -i '/home/xxxxx/xxxxxxx.pem' [email protected] -p 32768 -v
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ED25519 3e:6a:c6:9e:34:98:2e:81:b5:e1:88:d1:15:63:bb:41
debug1: checking without port identifier
The authenticity of host '[172.16.27.205]:32768 ([172.16.27.205]:32768)' can't be established.
ED25519 key fingerprint is 3e:6a:c6:9e:34:98:2e:81:b5:e1:88:d1:15:63:bb:41.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[172.16.27.205]:32768' (ED25519) to the list of known hosts.
debug1: ssh_ed25519_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/rbharadwaj/syd01-devops-ruc-app-instances
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).
Thinking the private key is of user Ubuntu I also tried to ssh into container like below however it fails
ssh -i '/home/xxxx/xxxxx.pem' [email protected] -p 32768
kindly suggest how can I can connect to container directly in above scenario
The output from ssh looks like you have not correctly set up the private key. Is it in the correct location within the container (/root/.ssh/authorized_keys) and does it have the right permissions?
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys