5

I setup a Docker image that supports ssh. No problem, lots of examples. However, most examples show setting a password using passwd. I want to distribute my image. Having a fixed password, especially to root, seems like a gaping security hole. Better, to me, is to setup the image with root having no password. When a user gets the image they would then copy their public ssh file to the image /root/.ssh/authorized_keys file.

Is there a recommended way to do this?

  1. Provide a Dockerfile that builds on my image with an ADD command that user can edit?
  2. Provide a shell script that runs something like "cat ~/.ssh/authorized_keys | docker run -i sh -c 'cat > root/.ssh/authorized_keys"?
Improve this question
1
  • Another option is to use "docker run -t -i -v /root/.ssh:/root/.ssh:ro yourimage" But this works for root user .ssh dir only, because userids on host/container have to match :( Commented Jan 3, 2014 at 15:55

1 Answer 1

Reset to default
8

What about generating a private key and display it to the user?

I use this snippet as part of the entrypoint script for an image:

KEYGEN=/usr/bin/ssh-keygen
KEYFILE=/root/.ssh/id_rsa

if [ ! -f $KEYFILE ]; then
  $KEYGEN -q -t rsa -N "" -f $KEYFILE
  cat $KEYFILE.pub >> /root/.ssh/authorized_keys
fi

echo "== Use this private key to log in =="
cat $KEYFILE
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.