feat(docker): 实现ssh Ubuntu18.04 docker连接，更新文档关于Ubuntu18.04和Ubuntu16.0…

…4的ssh默认设置区别
Document-Collection · Sep 28, 2019 · 4817c8d · 4817c8d
1 parent 75c2a01
commit 4817c8d
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 2 deletions.
diff --git a/dockerfiles/sshd/Dockerfile b/dockerfiles/sshd/Dockerfile
@@ -0,0 +1,14 @@
+# $ docker build -t zjzstu/ssh .
+# $ docker run -d -P --name test_sshd zjzstu/ssh:latest
+FROM zjzstu/ubuntu:18.04
+LABEL maintainer "zhujian <zjzstu@github.com>"
+
+RUN apt-get update && apt-get install -y openssh-server
+RUN mkdir /var/run/sshd && \ 
+    echo 'root:zhujian' | chpasswd && \
+    sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
+    sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+    # SSH login fix. Otherwise user is kicked off after login
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]
diff --git a/dockerfiles/sshd/README.md b/dockerfiles/sshd/README.md
@@ -0,0 +1,2 @@
+
+参考：[[Docker][SSH]远程登录Ubuntu](https://container-automation.readthedocs.io/zh_CN/latest/docker/advanced/%5BDocker%5D%5BSSH%5D远程登录Ubuntu.html)
diff --git a/docs/source/docker/advanced/[Docker][SSH]远程登录Ubuntu.md b/docs/source/docker/advanced/[Docker][SSH]远程登录Ubuntu.md
@@ -21,7 +21,7 @@ FROM zjzstu/ubuntu:18.04
 RUN apt-get update && apt-get install -y openssh-server
 RUN mkdir /var/run/sshd
 RUN echo 'root:THEPASSWORDYOUCREATED' | chpasswd
-RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
 
 # SSH login fix. Otherwise user is kicked off after login
 RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
@@ -34,7 +34,9 @@ CMD ["/usr/sbin/sshd", "-D"]
 * `RUN`指令更新已安装应用，同时安装`openssh-server`
 * `RUN`指令创建文件夹`/var/run/sshd`
 * `RUN`指令指定登录密码，修改`THEPASSWORDYOUCREATED`为自定义密码
-* `RUN`指令允许`ssh`登录`root`账户，修改文件`/etc/ssh/sshd_config`中的`PermitRootLogin prohibit-password`为`PermitRootLogin yes`（对于`Ubuntu 14.04`而言，默认设置为`PermitRootLogin without-password`）
+* `RUN`指令允许`ssh`登录`root`账户，修改文件`/etc/ssh/sshd_config`中的`#PermitRootLogin prohibit-password`为`PermitRootLogin yes`
+    * 对于`Ubuntu 14.04`而言，默认设置为`PermitRootLogin without-password`
+    * **注意**：对于`Ubuntu 16.04`而言，`ssh`默认打开了`PermitRootLogin`功能；对于`Ubuntu 18.04`而言，`ssh`默认关闭了`PermitRootLogin`功能。所以如果使用`Ubuntu 16.04`，需要将`#`号去除
 * `RUN`指令设置`/etc/pam.d/sshd`，防止用户在登录后将被踢出
 * `EXPOSE`指令设置容器监听端口`22`
 * `CMD`指令设置容器启动`sshd`，并在后台运行（`-D`表示以后台守护进程方式运行服务器）