From c16739bba646f7eabcf8fc35f2bf580237a225d9 Mon Sep 17 00:00:00 2001 From: Peter Becker Date: Sun, 11 Sep 2016 10:55:33 +0200 Subject: [PATCH 1/3] Add description for pinned server ssh-keys --- README.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/README.md b/README.md index 268e9cc..b93522d 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,31 @@ docker run \ foo::1001 ``` +## Using custom SSH key for server + +This container will generate an ssh-key for OpenSSH at first run. To avoid this, you can map Ed25519 or RSA keys from the host inside the container. + +### Ed25519 key +``` +docker run \ + -v /host/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key \ + -v /host/share:/home/foo/share \ + -p 2222:22 -d atmoz/sftp \ + foo::1001 +``` +Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t ed25519 -f /host/ssh_host_ed25519_key < /dev/null` + +### RSA key +``` +docker run \ + -v /host/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \ + -v /host/share:/home/foo/share \ + -p 2222:22 -d atmoz/sftp \ + foo::1001 +``` +Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key < /dev/null` + + ## Execute custom scripts or applications Put your programs in `/etc/sftp.d/` and it will automatically run when the container starts. From 34f6dc601bb892fc2c7f223fefb4839e1321096e Mon Sep 17 00:00:00 2001 From: Peter Becker Date: Wed, 28 Sep 2016 11:59:43 +0200 Subject: [PATCH 2/3] Update README.md --- README.md | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index b93522d..613350e 100644 --- a/README.md +++ b/README.md 
@@ -113,26 +113,23 @@ docker run \ This container will generate an ssh-key for OpenSSH at first run. To avoid this, you can map Ed25519 or RSA keys from the host inside the container. -### Ed25519 key ``` +#for ed25519 keys: docker run \ -v /host/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key \ -v /host/share:/home/foo/share \ -p 2222:22 -d atmoz/sftp \ foo::1001 -``` -Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t ed25519 -f /host/ssh_host_ed25519_key < /dev/null` - -### RSA key -``` +#Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t ed25519 -f /host/ssh_host_ed25519_key < /dev/null` + +#for rsa keys: docker run \ -v /host/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \ -v /host/share:/home/foo/share \ -p 2222:22 -d atmoz/sftp \ foo::1001 +#Tip: you can generate an rsa key with this command: `ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key < /dev/null` ``` -Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key < /dev/null` - ## Execute custom scripts or applications From f6d43026b91b6a3a65edc16d540080702ff6701b Mon Sep 17 00:00:00 2001 From: Peter Becker Date: Wed, 28 Sep 2016 12:47:13 +0200 Subject: [PATCH 3/3] Add description for pinned server ssh-keys --- README.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 613350e..3ff091a 100644 --- a/README.md +++ b/README.md 
@@ -114,21 +114,18 @@ docker run \ This container will generate an ssh-key for OpenSSH at first run. To avoid this, you can map Ed25519 or RSA keys from the host inside the container. ``` -#for ed25519 keys: docker run \ -v /host/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key \ - -v /host/share:/home/foo/share \ - -p 2222:22 -d atmoz/sftp \ - foo::1001 -#Tip: you can generate an Ed25519 key with this command: `ssh-keygen -t ed25519 -f /host/ssh_host_ed25519_key < /dev/null` - -#for rsa keys: -docker run \ -v /host/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \ -v /host/share:/home/foo/share \ -p 2222:22 -d atmoz/sftp \ foo::1001 -#Tip: you can generate an rsa key with this command: `ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key < /dev/null` +``` + +Tip: you can generate keys with this commands: +``` +ssh-keygen -t ed25519 -f /host/ssh_host_ed25519_key < /dev/null +ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key < /dev/null ``` ## Execute custom scripts or applications
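Review bot: in [PATCH 1/3], the tip under `### RSA key` is mislabelled. It reads "you can generate an Ed25519 key" but the command is `ssh-keygen -t rsa -b 4096`, so it should say "an RSA key". The introductory sentence also says "To avoid this" without giving the reason a reader would pin the key. One sentence noting that a key regenerated on a fresh container changes the server's host key as seen by clients would make the section self-explanatory.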
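Review bot: in [PATCH 2/3], the `#Tip:` lines moved inside the code fence keep their inline backticks, which render literally within a fenced block. They also place the key-generation command as a comment after the `docker run` that needs the key to exist already. Suggest keeping the tips as prose outside the fence, or dropping the backticks and listing the `ssh-keygen` step before the `docker run` it feeds.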
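Review bot: in [PATCH 3/3], the RSA command in the new tip block writes to `/etc/ssh/ssh_host_rsa_key`, while the `docker run` above mounts `/host/ssh_host_rsa_key`; following the README as written leaves the mount source missing. Suggest `-f /host/ssh_host_rsa_key`, matching the Ed25519 line. The merged `docker run` now mounts both keys while the text still says "Ed25519 or RSA", so state whether one key alone is sufficient. Because these are private host keys, the example could mount them read-only by appending `:ro` to each key volume. Minor: "this commands" should be "these commands".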