i am learing docker and try to write a dockerfile for a image with openssh-server to give access to root user via password throuh ssh the docker file i wrote is below
FROM ubuntu:20.04
RUN apt-get update
RUN apt-get install wget openssh-server -y
RUN sed -i 's/PermitRootLogin Prohibit-RootLogin/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN echo 'root:root123' | chpasswd
RUN mkdir /var/run/sshd
CMD ["/usr/sbin/sshd","-D"]
EXPOSE 22
while creating image there is no error was shown after created a container using this image I checked the sshd_config file in the container but the PermitRootLogin does not change to yes it is still in prohibit-password and tried to login with serverip&portnumber in putty i gave login as root and root123 as password but access was denied can anyone explain why it didn't change? and how can i modify sshd_config file?
i tried build the image with --no-cache if the system ignorin the sed command because of cache and i tried different version of ubumtu as base os if that is the problem i tried to wirting anew docker file without sed command to replace the permitrootlogin option but with echo command and mv command but that also didn't work the second docker file i wrote is the following
FROM ubuntu:16.04
MAINTAINER ananth
RUN apt-get update
RUN apt-get install wget openssh-server -y
RUN echo "PermitRootLogin yes" > /etc/ssh/sshd_config_new
RUN mv /etc/ssh/sshd_config_new /etc/ssh/sshd_config
RUN mkdir /var/run/sshd
CMD ["/usr/sbin/sshd", "-D"]
EXPOSE 22
Here's a suggestion based on a slight variation of your initial Dockerfile:
FROM ubuntu:20.04
RUN apt-get update
RUN apt-get install wget openssh-server -y
RUN echo 'PermitRootLogin yes' > /etc/ssh/sshd_config.d/root.conf
RUN echo 'root:root123' | chpasswd
EXPOSE 22/tcp
RUN mkdir /var/run/sshd
CMD /usr/sbin/sshd -D
The idea is to drop a (single directive) configuration file in /etc/ssh/sshd_config.d instead of modifying /etc/ssh/sshd_config through sed.
Also, keep in mind that the EXPOSE statement in not enough to set up your networking requirements. As the documentation says:
The EXPOSE instruction informs Docker that the container listens on the specified network ports at runtime. You can specify whether the port listens on TCP or UDP, and the default is TCP if the protocol is not specified.
The EXPOSE instruction does not actually publish the port. It functions as a type of documentation between the person who builds the image and the person who runs the container, about which ports are intended to be published. To actually publish the port when running the container, use the -p flag on docker run to publish and map one or more ports, or the -P flag to publish all exposed ports and map them to high-order ports.
So the sequence of instructions to instantiate your docker container would be something like:
cd somepath/to/your/dockerfile
docker image build .
docker container create -p LOCALPORT:22 IMAGE_ID
docker container start CONTAINER_ID
Then you should be able to ssh root@localhost -p LOCALPORT.
Of course, do not use 22 as LOCALPORT, you'd end up connecting to the host OS sshd process.
Hope that helps!