From 8ffc9c2b6fb3388d4ceb4ee0a57339842769713e Mon Sep 17 00:00:00 2001
From: Adrian Dvergsdal
Date: Mon, 28 Mar 2016 18:06:53 +0200
Subject: [PATCH] Generate unique ssh keys for each container (issue #32)
---
 Dockerfile | 7 +++++--
 entrypoint | 6 ++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 5e97ea5..c8777b4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,8 +5,11 @@ RUN apt-get update && \
 DEBIAN_FRONTEND=noninteractive apt-get -y install openssh-server && \
 rm -rf /var/lib/apt/lists/*
-# sshd needs this directory to run
-RUN mkdir -p /var/run/sshd
+# Step 1: sshd needs /var/run/sshd/ to run
+# Step 2: Remove keys, they will be generated later by entrypoint
+# (unique keys for each container)
+RUN mkdir -p /var/run/sshd && \
+ rm /etc/ssh/ssh_host_*key*
 COPY sshd_config /etc/ssh/sshd_config
 COPY entrypoint /
diff --git a/entrypoint b/entrypoint
index 0e829c1..10bef10 100755
--- a/entrypoint
+++ b/entrypoint
@@ -1,5 +1,6 @@
 #!/bin/bash
 set -e
+export DEBIAN_FRONTEND=noninteractive
 userConfPath="/etc/sftp-users.conf"
 userConfFinalPath="/var/run/sftp-users.conf"
@@ -114,7 +115,11 @@ if [ ! -f "$userConfFinalPath" ]; then
 while IFS= read -r user || [[ -n "$user" ]]; do
 createUser "$user"
 done < "$userConfFinalPath"
+
+ # Generate unique ssh keys for this container
+ dpkg-reconfigure openssh-server
 fi
+
 # Source custom scripts, if any
 if [ -d /etc/sftp.d ]; then
 for f in /etc/sftp.d/*; do
@@ -122,4 +127,5 @@ if [ -d /etc/sftp.d ]; then
 done
 unset f
 fi
+
 exec /usr/sbin/sshd -D
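Review bot: The `rm /etc/ssh/ssh_host_*key*` in the new second `RUN` of the Dockerfile hunk runs in a later layer than the `apt-get -y install openssh-server` step, which presumably is what created the host keys. Removing a file in a later layer only hides it, so the build-time private keys would stay recoverable from the earlier layer by anyone who can pull the image. Deleting them in the same `RUN` as the install keeps them out of every layer: add `rm -f /etc/ssh/ssh_host_*key* && \` ahead of the `rm -rf /var/lib/apt/lists/*` line. The `-f` also keeps the build from failing if a later base image ships no pre-generated keys. The install `RUN` begins above this hunk.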
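Review bot: In the `@@ -114,7 +115,11 @@` hunk of `entrypoint`, host-key generation sits inside the first-run branch `if [ ! -f "$userConfFinalPath" ]`, so nothing in the visible lines guarantees that keys exist before `exec /usr/sbin/sshd -D` when that branch is skipped. `dpkg-reconfigure openssh-server` also re-runs the whole package configuration, which may do more than create keys. Consider `ssh-keygen -A` placed just before the `exec`, outside the `if`: it only creates host keys for types that are missing, so keys mounted into `/etc/ssh` are left untouched. That would make `export DEBIAN_FRONTEND=noninteractive` from the first entrypoint hunk unnecessary; as written it is inherited by the scripts sourced from `/etc/sftp.d` and by sshd. The `if` block begins above this hunk.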