Docker: passwordless sudo access in regular shell

Time:09-21

Here is my Dockerfile for simple access over SSH on port 8031:

FROM alpine:latest
RUN apk add --no-cache php8 \
    php8-common \
    php8-fpm \
    php8-pdo \
    php8-opcache \
    php8-zip \
    php8-phar \
    php8-iconv \
    php8-cli \
    php8-curl \
    php8-openssl \
    php8-mbstring \
    php8-tokenizer \
    php8-fileinfo \
    php8-json \
    php8-xml \
    php8-xmlwriter \
    php8-xmlreader \
    php8-simplexml \
    php8-dom \
    php8-pdo_mysql \
    php8-pdo_sqlite \
    php8-tokenizer \
    php8-pecl-redis \
    php8-pdo_pgsql \
    php8-gd

RUN apk add --update --no-cache openssh
RUN apk add sudo
RUN echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config
RUN echo 'Port 8031' >> /etc/ssh/sshd_config
RUN adduser -h /home/userdev -s /bin/sh -D userdev
RUN echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel
RUN adduser userdev wheel
RUN echo -n 'userdev:mypassword' | chpasswd
ENTRYPOINT ["/entrypoint.sh"]
RUN apk --update --no-cache upgrade \
    && apk add bash \
    && apk add nano \
    && apk add nodejs npm \
    && apk add gmp gmp-dev \
    && apk add git htop \
    && apk add mc nano \
    && apk add acl screen
RUN mkdir -pv /var/www/html
RUN setfacl -R -m u:userdev:rwX /var/www/html
COPY .screenrc /home/userdev/
COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer

EXPOSE 8031
COPY entrypoint.sh /

entrypoint.sh

#!/bin/bash

ssh-keygen -A
exec /usr/sbin/sshd -D -e "$@"

docker-compose.yml

name: docker-openssh-server
services:
  openssh:
    image: alpine-sshd-final:latest
    
    ports:
    - "8031:8031"
    network_mode: "host"  
    
    volumes:
    - /var/www/html:/var/www/html
    - ./sshd_config:/etc/ssh/sshd_config 
networks:
  default:
    name: docker-openssh-server_default

Everything is working as it should when I'm connecting to the SSH daemon: I can run sudo -i without a password.

But when I run docker exec -it -u userdev:userdev container_name /bin/bash, sudo asks for a password.

Why is this happening there and is it possible to make it passwordless in the second case too?

CodePudding user response:

The solution is really simple: I have to execute docker exec -it -u userdev:wheel container_name /bin/bash and everything works! As posted here
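
Why the two `-u` forms differ, as an added example that is not part of the original question or answer: a simplified Python model of how `docker exec -u user[:group]` picks the process's group set, and whether the `%wheel` rule from the Dockerfile then applies. The UID/GID values are constructed, and two behaviours are assumptions of the model: an explicit group sets only the primary GID with no supplementary groups, and sudo matches `%wheel` against the groups the process holds.

```python
# Constructed sample files matching the Dockerfile above (IDs are assumed values).
PASSWD = "root:x:0:0:root:/root:/bin/ash\nuserdev:x:1000:1000::/home/userdev:/bin/sh\n"
GROUP = "root:x:0:root\nwheel:x:10:root,userdev\nuserdev:x:1000:\n"


def parse_groups(text):
    """Parse /etc/group text into {name: (gid, [members])}."""
    groups = {}
    for line in text.splitlines():
        name, _pw, gid, members = line.split(":")
        groups[name] = (int(gid), [m for m in members.split(",") if m])
    return groups


def resolve_exec_user(spec, passwd=PASSWD, group=GROUP):
    """Model of `docker exec -u user[:group]` -> (uid, gid, supplementary gids).

    Assumption: an explicit group sets only the primary GID and no
    supplementary groups; the bare user form loads them from /etc/group.
    """
    user, _, grp = spec.partition(":")
    users = {f[0]: (int(f[2]), int(f[3]))
             for f in (l.split(":") for l in passwd.splitlines())}
    groups = parse_groups(group)
    uid, gid = users[user]
    if grp:
        return uid, groups[grp][0], []
    sgids = sorted(g for g, members in groups.values() if user in members)
    return uid, gid, sgids


def wheel_rule_matches(spec, rule_group="wheel"):
    """True if a '%wheel' sudoers rule would match the process's group set.

    Assumption: sudo matches the rule against the groups the process holds.
    """
    _uid, gid, sgids = resolve_exec_user(spec)
    wanted = parse_groups(GROUP)[rule_group][0]
    return wanted == gid or wanted in sgids


if __name__ == "__main__":
    for spec in ("userdev:userdev", "userdev:wheel", "userdev"):
        print(f"-u {spec:16} -> {resolve_exec_user(spec)} "
              f"NOPASSWD rule applies: {wheel_rule_matches(spec)}")
```

Inside a running container, `id` shows the actual group set of the exec'd shell and can be compared against this model.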
