Hey, there!
First of all, congratulations on the excellent work. This image fits my needs almost perfectly!
I said almost because there is one issue: the SSH host keys are regenerated every time the container is recreated. This is a problem on my stack because then I have to manually add the new public key to the client servers' known_hosts file (which ultimately results in downtime for my users).
To solve this, I created an image from your image with a slight variation: it checks a certain directory for existing SSH host keys and, if present, uses those keys instead of generating new keys. It also copies the keys it generates on the first run over to this directory. This allows me to add a volume on the docker-compose file and map it to this directory, so that the SSH host keys are generated on the first run and then backed up to persistent storage. When the container is recreated, the previous keys are used instead of generating new keys, thus achieving "persistent SSH host keys".
Would you consider adding this to your image? If so, and if you are interested in how I implemented it, here follows.
I basically changed this part of the original docker-entrypoint.sh:
```sh
# Generate host SSH keys
if [ ! -e /etc/ssh/ssh_host_rsa_key.pub ]; then
  ssh-keygen -A
fi
```
To this:
```sh
if [ -e /ssh_host_keys/ssh_host_rsa_key.pub ]; then
  # Copy persistent host keys
  echo "Using existing SSH host keys"
  cp /ssh_host_keys/* /etc/ssh/
elif [ ! -e /etc/ssh/ssh_host_rsa_key.pub ]; then
  # Generate host SSH keys
  echo "Generating SSH host keys"
  ssh-keygen -A
  if [ -d /ssh_host_keys ]; then
    # Store generated keys on persistent volume
    echo "Persisting SSH host keys"
    cp -u /etc/ssh/ssh_host_* /ssh_host_keys/
  fi
fi
```
My docker-compose.yml file looks like this:
I am by no means a bash script expert, so feel free to point out any shortcomings :)
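A hardened variant of the entrypoint change proposed above, as an added example that is not part of the original issue or the image's own script: it copies only complete `ssh_host_*_key` pairs rather than every file on the volume, forces the private-key mode sshd requires, and never overwrites a key that is already persisted. The function names are hypothetical; the paths are the ones used in the issue.

```sh
#!/bin/sh
# Added example: restore_host_keys, persist_host_keys and setup_host_keys are
# hypothetical names; /ssh_host_keys and /etc/ssh are the paths from the issue.

# Copy complete key pairs (ssh_host_*_key plus .pub) from $1 to $2 and force
# the modes sshd expects. Succeeds only if at least one pair was restored.
restore_host_keys() {
    src=$1 dst=$2 restored=0
    old_umask=$(umask); umask 077
    for key in "$src"/ssh_host_*_key; do
        # Skip an unmatched glob, symlinked private keys, and keys without a .pub
        if [ -f "$key" ] && [ ! -L "$key" ] && [ -f "$key.pub" ]; then
            name=$(basename "$key")
            cp "$key" "$dst/$name" && cp "$key.pub" "$dst/$name.pub" &&
                chmod 600 "$dst/$name" && chmod 644 "$dst/$name.pub" &&
                restored=$((restored + 1))
        fi
    done
    umask "$old_umask"
    [ "$restored" -gt 0 ]
}

# Copy generated pairs from $1 to the volume $2, never replacing a stored key.
persist_host_keys() {
    src=$1 dst=$2
    [ -d "$dst" ] || return 1
    old_umask=$(umask); umask 077
    for key in "$src"/ssh_host_*_key; do
        name=$(basename "$key")
        if [ -f "$key" ] && [ ! -e "$dst/$name" ]; then
            cp "$key" "$dst/$name" && cp "$key.pub" "$dst/$name.pub" &&
                chmod 644 "$dst/$name.pub"
        fi
    done
    umask "$old_umask"
}

# Entrypoint logic; call setup_host_keys before starting sshd.
setup_host_keys() {
    if restore_host_keys /ssh_host_keys /etc/ssh; then
        echo "Using existing SSH host keys"
    else
        echo "Generating SSH host keys"
        ssh-keygen -A
        if persist_host_keys /etc/ssh /ssh_host_keys; then
            echo "Persisting SSH host keys"
        fi
    fi
}
```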