Home > Net >  SSH to port exposed by container - permission denied
SSH to port exposed by container - permission denied

Time:11-22

I have a docker container running and it's exposing port 22 to local host port 1312. I am using the following command to run the container:

docker run -it -d -p 127.0.0.1:1312:22 -v /workspace/project:/root --name cpp_dep cpp_dep

Now to build the project in CLion, it need to be able to ssh into the container. I entered the container in interactive mode and ran "service ssh restart".

Now when I try to ssh into [email protected]:1312, it asks for my password. But when I enter my sudo (root) password, it keeps saying permission denied.

Is it an issue with ssh key? Which password should i use? or is there any way to bypass the password?

I am running a MAC OS.

Thanks in advance.

CodePudding user response:

You may enter the container in interactive mode, use whoami to find the current user while use passwd to change the password of current user, then ssh into it using the updated passwd.

More details if you are interested:

User running the container is decided by

By default it's root (uid = 0), but it depends on your settings.

User password is stored in /etc/passwd file, which is different inside the container and in the host, so the same uid may have different password inside the container. It's a workaround to mannually reset it using passwd in the interactive mode but your may also set it in Dockerfile like

RUN echo 'root:Docker!' | chpasswd  // (NOTICE: unsafe!)

It changes the password for root as "Docker!"

EDIT #1

As emphasized by David Maze in comments, it's unsafe to store plain password in the Dockerfile as it's public to anyone who get the source file, and it's not uncommon source files intended to be private mistakenly submitted to open github repository. If the container needs to provide public service, you must use build args (https://docs.docker.com/engine/reference/commandline/build/#set-build-time-variables---build-arg) so password can be secretly specified at build time.

Dockerfile:

ARG PASSWD
RUN echo 'root:${PASSWD}' | chpasswd

build:

docker build --build-arg PASSWD=<secret stored safely>
  • Related