Setting ssh public keys on Docker image
I setup a Docker image that supports ssh. No problem, lots of examples. However, most examples show setting a password using passwd. I want to distribute my image. Having a fixed password, especially to root, seems like a gaping security hole. Better, to me, is to setup the image with root having no password. When a user gets the image they would then copy their public ssh file to the image /root/.ssh/authorized_keys file.
Is there a recommended way to do this?
- Provide a Dockerfile that builds on my image with an ADD command
that user can edit?
- Provide a shell script that runs something like “cat ~/.ssh/authorized_keys | docker run -i sh -c ‘cat > root/.ssh/authorized_keys”?
One Solution collect form web for “Setting ssh public keys on Docker image”
What about generating a private key and display it to the user?
I use this snippet as part of the entrypoint script for an image:
KEYGEN=/usr/bin/ssh-keygen KEYFILE=/root/.ssh/id_rsa if [ ! -f $KEYFILE ]; then $KEYGEN -q -t rsa -N "" -f $KEYFILE cat $KEYFILE.pub >> /root/.ssh/authorized_keys fi echo "== Use this private key to log in ==" cat $KEYFILE