在 Docker 容器中运行 sshd
[英]Run sshd in Docker container
问题描述
I found this Dockerfile sample here :
我在这里找到了这个Dockerfile样本:
// version 1
FROM ubuntu:latest
RUN apt update && apt install ssh -y
RUN service ssh start
CMD ["/usr/sbin/sshd","-D"]
When I build and run this Dockerfile , it runs an SSH server in the foreground, which is great.当我构建并运行这个Dockerfile时,它会在前台运行一个 SSH 服务器,这很棒。
If I use the following Dockerfile though:如果我使用以下Dockerfile :
// version 2
FROM ubuntu:latest
RUN apt update && apt install ssh -y
RUN service ssh start
# CMD ["/usr/sbin/sshd","-D"] // without this line
And then run the container:然后运行容器:
~$ docker run -p 2222:22 -it ssh_server
And try to connect to it from another terminal, it doesn't work.并尝试从另一个终端连接到它,它不起作用。 Seemingly this call to sshd is necessary.看起来这个对 sshd 的调用是必要的。 On the other hand, If I just install SSH in the Dockerfile:另一方面,如果我只是在 Dockerfile 中安装 SSH:
// version 3
FROM ubuntu:latest
RUN apt-get update && apt-get install -y ssh
And run the container like this:并像这样运行容器:
~$ docker run -p 2222:22 -it ssh:test
~$ service ssh start
* Starting OpenBSD Secure Shell server sshd
Now I'm able to connect to the container.现在我可以连接到容器了。 So I wonder: If the line RUN ssh service start in version 1 is necessary, why isn't necessary for version 3?所以我想知道:如果版本 1 中的行RUN ssh service start是必要的,为什么版本 3 不需要?
To add more to the confusion, if I build and run version 4:为了增加混乱,如果我构建并运行版本 4:
// version 4
FROM ubuntu:latest
RUN apt update && apt install ssh -y
#RUN service ssh start // without this line
CMD ["/usr/sbin/sshd","-D"]
It also doesn't work either.它也不起作用。
Can someone please explain those behaviours?有人可以解释这些行为吗? What is the relation between service ssh start and /usr/sbin/sshd ? service ssh start和/usr/sbin/sshd之间有什么关系?
3 个解决方案
解决方案1
4 已采纳 2020-12-20 17:30:30
OK everything is clear now:好的,现在一切都清楚了:
Basically running the /usr/sbin/sshd is what runs the ssh server.基本上运行/usr/sbin/sshd就是运行 ssh 服务器。 The reason it didn't work out on it's own (version 4) is because the script that runs when you run service ssh start - which is the script /etc/init.d/ssh - creates a directory /run/sshd which is required for the run of sshd.它无法自行解决的原因(版本 4)是因为运行service ssh start时运行的脚本 - 这是脚本/etc/init.d/ssh - 创建一个目录/run/sshd这是运行 sshd 所需的。
This script also calls the executable /usr/sbin/sshd , but since this is run as part of the build, it didn't sustain beyond the temporary container that the layer was made of.该脚本还调用了可执行文件/usr/sbin/sshd ,但由于它是作为构建的一部分运行的,因此它无法在构成该层的临时容器之外维持。 W W
What did sustain is the /run/sshd directory!支撑的是/run/sshd目录! That's why when we run /usr/sbin/sshd as the CMD it works!这就是为什么当我们将/usr/sbin/sshd作为 CMD 运行时它可以工作的原因!
Thanks all!谢谢大家!
解决方案2
0 2022-06-22 21:12:43
To build on @YoavKlein's answer, service ssh start can take arguments which are passed to sshd , so rather than为了建立@YoavKlein 的答案, service ssh start可以采用 arguments 传递给sshd ,所以而不是
# Incidentally creates /run/sshd
RUN service ssh start
# Run the service in the foreground when starting the container
CMD ["/usr/sbin/sshd", "-D"]
you can just do你可以做
# Run the service in the foreground when starting the container
CMD ["service", "ssh", "start", "-D"]
which will start the SSH server through service , but run it in the foreground, avoiding having to have a separate RUN to do first time setup.这将通过service启动 SSH 服务器,但在前台运行它,避免必须有单独的RUN进行首次设置。
解决方案3
0 2022-09-11 07:51:37
I have taken the idea from @mark-raymond:)我从@mark-raymond 那里得到了这个想法:)
Following docker run command with the -D flag worked for me::遵循带有 -D 标志的 docker 运行命令对我有用::
docker run -itd -p 2222:22 <dockerImageName:Tag> /usr/sbin/sshd -D
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.