1、基礎(chǔ)鏡像ubuntu:18.04

2、替換為國內(nèi)的安裝源

3、安裝openssh-server

4、允許root用戶遠(yuǎn)程登陸

5、暴露端口22

6、服務(wù)開機(jī)自啟動(dòng)

1.創(chuàng)建目錄

[root@openEuler-node1 db]# mkdir sshd_ubuntu

2.創(chuàng)建 Dockerfile、 run.sh 、authorized_keys、vim aliyun.list 文件

[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# touch Dockerfile run.sh authorized_keys vim aliyun.list

3.在宿主主機(jī)上生成 SSH 密鑰對(duì),寫入authorized_keys

[root@openEuler-node1 ~]# ssh-keygen -t rsa
[root@openEuler-node1 sshd_ubuntu]# cd sshd_ubuntu
[root@openEuler-node1 sshd_ubuntu]# cat ~/.ssh/id_rsa.pub > authorized_keys 

4.編寫更改Ubuntu的源為國內(nèi)aliyun源

[root@openEuler-node1 sshd_ubuntu]# vim aliyun.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse

5.編寫run.sh

#!/bin/bash
/usr/sbin/sshd -D

5.編寫 Dockerfile

[root@openEuler-node1 sshd_ubuntu]# vim Dockerfile FROM ubuntu:18.04
MAINTAINER yuj<yj@qq.com>COPY aliyun.list /etc/apt/sources.list.d/aliyun.list
RUN apt update && \apt install -y openssh-server && \mkdir /var/run/sshd && \sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd && \mkdir /root/.ssh
COPY authorized_keys /root/.ssh/
COPY run.sh /run.sh
RUN chmod 755 /run.shEXPOSE 22
CMD ["/run.sh"]

6.制作鏡像并啟動(dòng)容器

[root@openEuler-node1 sshd_ubuntu]# docker build -t sshd:ubuntu_v1 ./
[root@openEuler-node1 sshd_ubuntu]# docker run -d -P sshd:ubuntu_v1

7.查看容器運(yùn)行狀態(tài)

[root@openEuler-node1 sshd_ubuntu]# docker ps 
CONTAINER ID   IMAGE            COMMAND                   CREATED             STATUS             PORTS                                     NAMES
3df76cc3dedd   sshd:ubuntu_v1   "/run.sh"                 6 seconds ago       Up 5 seconds       0.0.0.0:32776->22/tcp, :::32776->22/tcp   vigorous_williamson

8.用ssh連接登陸這個(gè)容器

[root@openEuler-node1 sshd_ubuntu]# ssh 192.168.136.55 -p 32776
The authenticity of host '[192.168.136.55]:32776 ([192.168.136.55]:32776)' can't be established.
ED25519 key fingerprint is SHA256:PCuiPOPbts35IzrOQ3PvZsU0+W+i7O1zheVc1XmDgHU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.136.55]:32776' (ED25519) to the list of known hosts.
Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 5.10.0-182.0.0.95.oe2203sp3.x86_64 x86_64)
root@3df76cc3dedd:~#