添加SSH服务


1、基于commit命令创建

1.1 启动容器

[root@master ~]# docker run -it ubuntu:18.04 bash
#更新软件源
root@d8949a9bb837:/# apt-get update
root@d8949a9bb837:/# apt-get install -y vim

1.2 如果默认的官方源速度慢,可以替换为国内的镜像源,创建/etc/apt/sources.list.d/163.list文件

root@d8949a9bb837:/# vim /etc/apt/sources.list.d/163.list
deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
#更新软件源信息
root@d8949a9bb837:/# apt-get update

1.3 安装和配置ssh服务

#使用openssh-server作为服务器
root@d8949a9bb837:/# apt-get -y install openssh-server  
#启动SSH服务过程并不会创建/var/run/sshd目录,所以需要手动创建
root@d8949a9bb837:/# mkdir -p /var/run/sshd 
root@d8949a9bb837:/# /usr/sbin/sshd -D &
#取消pam登录限制
root@d8949a9bb837:/# sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd
#创建SSH密钥对,并创建authorized_keys文件
root@d8949a9bb837:~# ssh-keygen -t rsa   #使用rsa加密算法,也可以使用dsa(但新版OpenSSH默认已禁用DSA密钥,不建议使用)
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):  #密码短语可以为空
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.   #私钥文件存储目录
Your public key has been saved in /root/.ssh/id_rsa.pub.  #公钥文件存储目录
The key fingerprint is:
SHA256:MmBjZuzJKPvdd3l80Kf5ABqqsaFPPTbMZSfLRNnnLBs root@d8949a9bb837
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|   .       o     |
|    O     o . .  |
|   O +   .   +   |
|. . + o S * E.o  |
| o     * * *.=. .|
|.     + O +o...+ |
| . . + *.oo o +. |
|  . o.=. . . . ..|
+----[SHA256]-----+
#将公钥的数据存入authorized_keys文件,实现免密登录
root@d8949a9bb837:~# cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys

1.4 创建自动启动SSH服务的可执行文件run.sh

root@7403bdb9a339:/# vi run.sh
#!/bin/bash
/usr/sbin/sshd -D
root@7403bdb9a339:/# chmod +x run.sh
root@7403bdb9a339:/# exit
#保存镜像(注意:若按1.3在容器内生成了密钥对,私钥/root/.ssh/id_rsa也会一并保存到镜像中,任何拿到该镜像的人都能得到这把私钥,因此该镜像不宜对外分发)
[root@master ~]# docker commit 7403bd sshd:ubuntu  
#启动镜像
[root@master ~]# docker run -p 10022:22 -d sshd:ubuntu /run.sh
#连接SSH
[root@master ~]# ssh 192.168.130.16 -p 10022

dockerfile方式添加sshd服务:

[root@master ~]# mkdir sshd_ubuntu
[root@master ~]# cd sshd_ubuntu
[root@master ~]# vim run.sh
#!/bin/bash
/usr/sbin/sshd -D
[root@master ~]# ssh-keygen -t rsa
[root@master ~]# cat ~/.ssh/id_rsa.pub > authorized_keys

[root@master ~]# vim Dockerfile
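# Ubuntu 18.04 image that runs sshd in the foreground and accepts key-based
# root logins using the authorized_keys file copied in from the build context.
FROM ubuntu:18.04 
LABEL maintainer (user@docker.com)
# Add the 163.com mirror as an additional apt source, refresh the package
# index and install the OpenSSH server, all in a single layer.
RUN echo "deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& echo "deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse" >>/etc/apt/sources.list.d/163.list \
&& apt-get update && apt-get -y install openssh-server
# Starting sshd does not create /var/run/sshd, so create it here, together
# with the directory that will hold root's authorized_keys.
RUN mkdir -p /var/run/sshd && mkdir /root/.ssh/
# Comment out the pam_loginuid session line in sshd's PAM configuration
# (the PAM login restriction that the tutorial lifts for the container).
RUN sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd
# COPY rather than ADD: these are plain local files, so ADD's archive
# extraction and URL handling are not wanted.
COPY run.sh /run.sh
COPY authorized_keys /root/.ssh/authorized_keys 
# Make the start script executable and keep root's SSH directory and key
# list readable by root only.
RUN chmod 755 /run.sh && chmod 700 /root/.ssh && chmod 600 /root/.ssh/authorized_keys
# sshd listens on port 22 by default; the previous "EXPOSE 20" named a port
# nothing listens on. Publish it at run time with -p <host_port>:22.
EXPOSE 22
CMD ["/run.sh"]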

[root@master ~]# docker build -t sshd:dockerfile .
#sshd监听容器内的22端口,因此宿主机端口要映射到22(与上文 -p 10022:22 一致)
[root@master ~]# docker run -d -p 10022:22 sshd:dockerfile
[root@master ~]# ssh 192.168.16.30 -p 10022

遇到的问题:

文件内容无法写入,一般有两种情况:1、权限不够,例如普通用户用vi无法保存,也有可能是文件被设置了特殊权限;2、有程序正在使用该文件

但是root怎么可能不够权限,基本可以排除1,出于2的考虑进入该目录才发现中间的目录名称输入错误.....