docker centos-ssh-root 无密钥 centos image

knight_black_bob

浏览: 853170 次
性别:
来自: 北京

最近访客更多访客>>

bian1024

lli

cqh520llr

hxgdragon

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

docker
linux

docker centos-ssh-root 无密钥 centos image

37.1准备工作

setenforce 0
vim /etc/selinux/config
SELINUX=disabled

37.2 创建docker centos-ssh-root

37.2.1 创建dockerfile

# 选择一个已有的os镜像作为基础  
FROM centos 

# 镜像的作者  
MAINTAINER baoyou curiousby@163.com 

# 安装openssh-server和sudo软件包，并且将sshd的UsePAM参数设置成no  
RUN yum install -y openssh-server sudo  
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config  
#安装openssh-clients
RUN yum  install -y openssh-clients

# 添加测试用户root，密码root，并且将此用户添加到sudoers里  
RUN echo "root:root" | chpasswd  
RUN echo "root   ALL=(ALL)       ALL" >> /etc/sudoers  
# 下面这两句比较特殊，在centos6上必须要有，否则创建出来的容器sshd不能登录  
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key  
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key  

# 启动sshd服务并且暴露22端口  
RUN mkdir /var/run/sshd  
EXPOSE 22  
CMD ["/usr/sbin/sshd", "-D"]

37.2.2 执行命令

mkdir centos-ssh-root 
cd centos-ssh-root 
vim  Dockerfile
docker build -t "curiousby/centos-ssh-root:original" .

37.2.3 build 运行日志

[root@bogon centos-ssh-root]# docker build -t  curiousby/centos-ssh-root:original .
Sending build context to Docker daemon   2.56kB
Step 1/12 : FROM centos
 ---> 328edcd84f1b
Step 2/12 : MAINTAINER curiousby curiousby@163.com
 ---> Running in a07c67ece348
 ---> a3f6c43634d0
Removing intermediate container a07c67ece348
Step 3/12 : RUN yum install -y openssh-server sudo
 ---> Running in 7319491e2cb1
Loaded plugins: fastestmirror, ovl
http://centos.ustc.edu.cn/centos/7.3.1611/updates/x86_64/repodata/repomd.xml: [Errno 14] curl#7 - "Failed to connect to 2001:da8:d800:95::110: Network is unreachable"
Trying other mirror.
Determining fastest mirrors
 * base: mirrors.btte.net
 * extras: mirrors.nwsuaf.edu.cn
 * updates: mirrors.nwsuaf.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:6.6.1p1-35.el7_3 will be installed
--> Processing Dependency: openssh = 6.6.1p1-35.el7_3 for package: openssh-server-6.6.1p1-35.el7_3.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-6.6.1p1-35.el7_3.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-35.el7_3.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.6.1p1-35.el7_3.x86_64
---> Package sudo.x86_64 0:1.8.6p7-23.el7_3 will be installed
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package openssh.x86_64 0:6.6.1p1-35.el7_3 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                Arch        Version                  Repository    Size
================================================================================
Installing:
 openssh-server         x86_64      6.6.1p1-35.el7_3         updates      440 k
 sudo                   x86_64      1.8.6p7-23.el7_3         updates      735 k
Installing for dependencies:
 fipscheck              x86_64      1.4.1-5.el7              base          21 k
 fipscheck-lib          x86_64      1.4.1-5.el7              base          11 k
 openssh                x86_64      6.6.1p1-35.el7_3         updates      438 k
 tcp_wrappers-libs      x86_64      7.6-77.el7               base          66 k

Transaction Summary
================================================================================
Install  2 Packages (+4 Dependent packages)

Total download size: 1.7 M
Installed size: 4.9 M
Downloading packages:
Public key for fipscheck-1.4.1-5.el7.x86_64.rpm is not installed
warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-1.4.1-5.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for sudo-1.8.6p7-23.el7_3.x86_64.rpm is not installed
http://mirrors.nwsuaf.edu.cn/centos/7.3.1611/updates/x86_64/Packages/openssh-6.6.1p1-35.el7_3.x86_64.rpm: [Errno 12] Timeout on http://mirrors.nwsuaf.edu.cn/centos/7.3.1611/updates/x86_64/Packages/openssh-6.6.1p1-35.el7_3.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
--------------------------------------------------------------------------------
Total                                               32 kB/s | 1.7 MB  00:52     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-3.1611.el7.centos.x86_64 (@CentOS)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : fipscheck-1.4.1-5.el7.x86_64                                 1/6 
  Installing : fipscheck-lib-1.4.1-5.el7.x86_64                             2/6 
  Installing : openssh-6.6.1p1-35.el7_3.x86_64                              3/6 
  Installing : tcp_wrappers-libs-7.6-77.el7.x86_64                          4/6 
  Installing : openssh-server-6.6.1p1-35.el7_3.x86_64                       5/6 
  Installing : sudo-1.8.6p7-23.el7_3.x86_64                                 6/6 
  Verifying  : openssh-6.6.1p1-35.el7_3.x86_64                              1/6 
  Verifying  : openssh-server-6.6.1p1-35.el7_3.x86_64                       2/6 
  Verifying  : sudo-1.8.6p7-23.el7_3.x86_64                                 3/6 
  Verifying  : tcp_wrappers-libs-7.6-77.el7.x86_64                          4/6 
  Verifying  : fipscheck-lib-1.4.1-5.el7.x86_64                             5/6 
  Verifying  : fipscheck-1.4.1-5.el7.x86_64                                 6/6 

Installed:
  openssh-server.x86_64 0:6.6.1p1-35.el7_3    sudo.x86_64 0:1.8.6p7-23.el7_3   

Dependency Installed:
  fipscheck.x86_64 0:1.4.1-5.el7       fipscheck-lib.x86_64 0:1.4.1-5.el7      
  openssh.x86_64 0:6.6.1p1-35.el7_3    tcp_wrappers-libs.x86_64 0:7.6-77.el7   

Complete!
 ---> a5b6b2590449
Removing intermediate container 7319491e2cb1
Step 4/12 : RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
 ---> Running in cd9fa1a6f379
 ---> b3ad6bbf3c1b
Removing intermediate container cd9fa1a6f379
Step 5/12 : RUN yum  install -y openssh-clients
 ---> Running in fadadcf8ab9b
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: mirrors.btte.net
 * extras: mirrors.nwsuaf.edu.cn
 * updates: mirrors.nwsuaf.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-35.el7_3 will be installed
--> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-6.6.1p1-35.el7_3.x86_64
--> Running transaction check
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch       Version                       Repository   Size
================================================================================
Installing:
 openssh-clients     x86_64     6.6.1p1-35.el7_3              updates     642 k
Installing for dependencies:
 libedit             x86_64     3.0-12.20121213cvs.el7        base         92 k

Transaction Summary
================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 735 k
Installed size: 2.4 M
Downloading packages:
--------------------------------------------------------------------------------
Total                                              111 kB/s | 735 kB  00:06     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : libedit-3.0-12.20121213cvs.el7.x86_64                        1/2 
  Installing : openssh-clients-6.6.1p1-35.el7_3.x86_64                      2/2 
  Verifying  : openssh-clients-6.6.1p1-35.el7_3.x86_64                      1/2 
  Verifying  : libedit-3.0-12.20121213cvs.el7.x86_64                        2/2 

Installed:
  openssh-clients.x86_64 0:6.6.1p1-35.el7_3                                     

Dependency Installed:
  libedit.x86_64 0:3.0-12.20121213cvs.el7                                       

Complete!
 ---> 7c2753e2677d
Removing intermediate container fadadcf8ab9b
Step 6/12 : RUN echo "root:root" | chpasswd
 ---> Running in 75fab0b6b241
 ---> c1cb3babeee2
Removing intermediate container 75fab0b6b241
Step 7/12 : RUN echo "root   ALL=(ALL)       ALL" >> /etc/sudoers
 ---> Running in f0c0c32b70c1
 ---> 48f3a187f13f
Removing intermediate container f0c0c32b70c1
Step 8/12 : RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
 ---> Running in afc9cf2b6d76
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
13:ce:12:9b:d1:4f:5e:ee:35:b1:ed:48:60:58:92:35 root@c7947be2eb9d
The key's randomart image is:
+--[ DSA 1024]----+
|          .oE    |
|       .  .+ .   |
|      o o o + .  |
|       B = + . + |
|      + S o . = .|
|       . . . o + |
|            . . .|
|                 |
|                 |
+-----------------+
Enter passphrase (empty for no passphrase): Enter same passphrase again:  ---> 8d9c838f0e26
Removing intermediate container afc9cf2b6d76
Step 9/12 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
 ---> Running in d7131a2534c2
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
c1:dc:54:6c:45:d8:35:c3:cf:ac:fb:35:22:6a:2e:0e root@c7947be2eb9d
The key's randomart image is:
+--[ RSA 2048]----+
|          .o.=++.|
|       o o  + ..o|
|        + ..   o.|
|         .      +|
|        S      . |
|              .  |
|     E     . . o.|
|      .. .. . o o|
|      ..+o     ..|
+-----------------+
Enter passphrase (empty for no passphrase): Enter same passphrase again:  ---> 0f71202ee047
Removing intermediate container d7131a2534c2
Step 10/12 : RUN mkdir /var/run/sshd
 ---> Running in e3f36ab8616f
 ---> 6007b08d3e2b
Removing intermediate container e3f36ab8616f
Step 11/12 : EXPOSE 22
 ---> Running in 653c57effb5a
 ---> 6533c53d9497
Removing intermediate container 653c57effb5a
Step 12/12 : CMD /usr/sbin/sshd -D
 ---> Running in 46accc61a713
 ---> 265bd8a128b3
Removing intermediate container 46accc61a713
Successfully built 265bd8a128b3
Successfully tagged curiousby/centos-ssh-root:original

37.2.4 build 验证