Skip to content

rcarmo/docker-ssh-bastion-armhf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
rootfs
rootfs
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

docker-ssh-bastion-armhf

A Docker container with a tailored SSH server, to act as a bastion host. Some of the things below can be easily tuned to your liking.

  • Experimental mosh configuration (removed because perl is a security risk)
  • set SSH client defaults to perform agent forwarding by default, as well as a few other niceties I need.
  • Use bash instead of busybox to reduce number of commands available (Alpine uses busybox for everything, and I don't want people to be able to do busybox ls).
  • Lock down capabilities to absolute minimum
  • Allow for a PTY (because I cannot specify a ProxyCommand on some mobile SSH clients and thus need to type ssh foo again)
  • Mount existing authorized_keys inside the container, read-only
  • Lock down SSH for key-based auth only
  • Remove unused commands, SUID files, etc

About

A Docker container with a tailored SSH bastion

Topics

docker bastion ssh-server armhf

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages