Started a Docker container with SSH login enabled; a day later, logging in again, the password is rejected. What's going on?

    css3 · Jun 2, 2021 · 2248 views

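    The image is built with docker build, and the SSH password is set at build time. What's very strange is that after the container starts I can log in over SSH normally, but a day later, when I open a new window and SSH in again, the password is wrong, while the window I logged in with yesterday still works. After restarting the Docker container I can log in normally again. What is the cause? Nobody changed the password, and it has been like this for several days. Each time I work around it by restarting the container, and I don't know what the cause is.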

    Supplement 1  ·  Jun 2, 2021
    # Dockerfile
    FROM base_images:latest
    RUN apt-get -y update && apt-get install -y openssh-server openssh-client vim initscripts expect
    
    RUN pip install --upgrade pip 
    RUN sed -i "s/^#PermitRootLogin/PermitRootLogin/g" /etc/ssh/sshd_config
    RUN sed -i "s/prohibit-password/yes/g" /etc/ssh/sshd_config
    RUN echo y | ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
    RUN echo y | ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
    RUN echo y | ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
    ARG PASSWORD
    RUN echo "root:${PASSWORD}" | chpasswd
    RUN mkdir /var/run/sshd && chmod 0755 /var/run/sshd
    RUN env | egrep -v "^(HOME=|USER=|MAIL=|LC_ALL=|LS_COLORS=|LANG=|HOSTNAME=|PWD=|TERM=|SHLVL=|LANGUAGE=|_=)" >> /etc/environment
    CMD /usr/sbin/sshd -D && bash
    

    Build command:

    docker-compose build --build-arg PASSWORD=admin%^&* myproject &&
    docker-compose up -d
    
    11 replies    2021-06-04 10:22:53 +08:00
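    maichael · Jun 2, 2021 · #1
    "After restarting the Docker container I can log in normally again": that's because Docker is stateless, and after a restart it goes back to its initial state. So some setting inside your container is probably changing the password. Could you share the key parts of your Dockerfile?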
    css3 (OP) · Jun 2, 2021 · #2
    @maichael I've posted the Dockerfile.
    PbCopy111 · Jun 2, 2021 · #3
    This... isn't it generating a new password every time...?
    css3 (OP) · Jun 2, 2021 via iPhone · #4
    @PbCopy111 It's specified at build time.
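    killva4624 · Jun 3, 2021 · #5
    1. What exactly is the error when you ssh? (You can print it with -v.)
    2. What exactly do you do to "restart the container"? docker restart xxx, or do you rebuild every time? Looking at the Dockerfile, if you don't rebuild, the SSH password of this image won't change.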
    css3 (OP) · Jun 3, 2021 via iPhone · #6
    @killva4624 When I SSH in the next day, it just says the password is incorrect.
    css3 (OP) · Jun 3, 2021 via iPhone · #7
    @killva4624 Definitely not a build; I just restart it, or just run it.
    css3 (OP) · Jun 3, 2021 · #8
    @killva4624 Permission denied, please try again.
    css3 (OP) · Jun 3, 2021 · #9
    OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 58: Applying options for *
    debug1: Connecting to 192.168.12.44 [192.168.12.44] port 23.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /root/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /root/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_7.4
    debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
    debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.10 pat OpenSSH* compat 0x04000000
    debug1: Authenticating to 192.168.12.44:23 as 'root'
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: [email protected]
    debug1: kex: host key algorithm: ecdsa-sha2-nistp256
    debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
    debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
    debug1: kex: [email protected] need=64 dh_need=64
    debug1: kex: [email protected] need=64 dh_need=64
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ecdsa-sha2-nistp256 SHA256:jI6QVVi6Qmi5oZvugssXrHN4Qxjrw9BDNoowxaIZ7so
    debug1: Host '[192.168.12.44]:23' is known and matches the ECDSA host key.
    debug1: Found key in /root/.ssh/known_hosts:4
    debug1: rekey after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey after 134217728 blocks
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: rekey after 134217728 blocks
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /root/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /root/.ssh/id_dsa
    debug1: Trying private key: /root/.ssh/id_ecdsa
    debug1: Trying private key: /root/.ssh/id_ed25519
    debug1: Next authentication method: password
    [email protected]'s password:
    debug1: Authentications that can continue: publickey,password
    Permission denied, please try again.
    [email protected]'s password:
    julyclyde · Jun 3, 2021 · #10
    docker exec into it and take a look at the sshd logs.
    killva4624 · Jun 4, 2021 · #11
    @css3 When you get Permission denied, docker exec into the container and look at your /etc/ssh/sshd_config, and also the sshd logs.
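
Added example (not part of the thread and not any poster's code): the replies suspect that something inside the container changes the login state and suggest inspecting it with docker exec. This sketch compares root's /etc/shadow entry as shipped in the image with the one in the running container. The sample lines and the function names `shadow_field` and `diagnose_root` are constructed for illustration.

```shell
#!/bin/sh
# Compare root's /etc/shadow entry from the image with the running container's
# and report what differs. Obtain the two lines on the Docker host, e.g.
# (<image> and <container> are placeholders):
#   docker run --rm --entrypoint grep <image> '^root:' /etc/shadow
#   docker exec <container> grep '^root:' /etc/shadow
# "Today" in shadow units is days since the epoch: $(( $(date +%s) / 86400 ))

# Constructed sample lines (not from the thread); the hashes are dummy strings.
IMAGE_LINE='root:$6$saltAAAA$hashBUILD:18780:0:99999:7:::'
CHANGED_LINE='root:$6$saltBBBB$hashOTHER:18781:0:99999:7:::'
LOCKED_LINE='root:!$6$saltAAAA$hashBUILD:18780:0:99999:7:::'
AGED_LINE='root:$6$saltAAAA$hashBUILD:18780:0:1:7:::'

# Print field N of a colon-separated shadow line.
shadow_field() { printf '%s\n' "$1" | cut -d: -f"$2"; }

# diagnose_root IMAGE_LINE CONTAINER_LINE TODAY_DAYS
# Prints one of: locked | hash-changed | expired | unchanged
diagnose_root() {
    img_hash=$(shadow_field "$1" 2)
    cur_hash=$(shadow_field "$2" 2)
    last=$(shadow_field "$2" 3)   # day of last password change
    max=$(shadow_field "$2" 5)    # maximum password age in days
    today=$3
    case $cur_hash in
        '!'*|'*'*) echo locked; return ;;   # password login disabled
    esac
    if [ "$cur_hash" != "$img_hash" ]; then
        echo hash-changed                   # something ran chpasswd/passwd
        return
    fi
    if [ -n "$last" ] && [ -n "$max" ] && [ $((last + max)) -lt "$today" ]; then
        echo expired                        # password aging kicked in
        return
    fi
    echo unchanged                          # look at sshd_config / sshd logs next
}
```

An `unchanged` result means the stored credential is the same as in the image, which points back to /etc/ssh/sshd_config and the sshd logs.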