
Move HostKeys to they're own path

master
parent
commit
0c3b8f4ad1
  1. 4
      Dockerfile
  2. 4
      entrypoint.sh

4
Dockerfile

@ -11,7 +11,10 @@ RUN rm -f /etc/ssh/ssh_host_* \ @@ -11,7 +11,10 @@ RUN rm -f /etc/ssh/ssh_host_* \
&& useradd --non-unique --uid $USERID --gid $GROUPID --no-create-home --home-dir $DATADIR $OWNER \
&& mkdir -p "$DATADIR" \
&& chown $OWNER "$DATADIR" \
&& mkdir -p /etc/ssh/host_keys/ \
&& echo "AuthorizedKeysFile $AUTHORIZED_KEYS_FILE" >> /etc/ssh/sshd_config \
&& echo "HostKey /etc/ssh/host_keys/ssh_host_ecdsa_key" >> /etc/ssh/sshd_config \
&& echo "HostKey /etc/ssh/host_keys/ssh_host_ed25519_key" >> /etc/ssh/sshd_config \
&& echo "X11Forwarding no" >> /etc/ssh/sshd_config \
&& echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config \
&& echo "ChrootDirectory %h" >> /etc/ssh/sshd_config \
@ -25,5 +28,6 @@ RUN rm -f /etc/ssh/ssh_host_* \ @@ -25,5 +28,6 @@ RUN rm -f /etc/ssh/ssh_host_* \
ADD entrypoint.sh /
EXPOSE 22
VOLUME /etc/ssh/host_keys
CMD ["/entrypoint.sh"]
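Review bot: The new `/etc/ssh/host_keys` directory will hold sshd's private host keys, but it is created with the default mode and then declared as a `VOLUME` with nothing saying how it should be mounted. Creating it with `&& mkdir -p -m 0700 /etc/ssh/host_keys/ \` keeps the directory root-only in the image, and presumably in a volume initialised from it. If no named volume or bind mount is supplied, Docker creates an anonymous volume, so a recreated container would presumably generate fresh host keys and clients would see a changed-host-key warning. A comment above the `VOLUME` line such as `# Persist sshd host keys; mount a named volume here so the server identity survives container re-creation` would make that contract explicit. The `RUN` instruction begins and continues outside the lines shown.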

4
entrypoint.sh

@ -1,8 +1,8 @@ @@ -1,8 +1,8 @@
#!/bin/bash
# This won't be executed if keys already exist (i.e. from a volume)
ssh-keygen -t ed25519
ssh-keygen -t ecdsa
ssh-keygen -t ecdsa -f /etc/ssh/host_keys/ssh_host_ecdsa_key
ssh-keygen -t df25519 -f /etc/ssh/host_keys/ssh_host_ed25519_key
# Copy authorized keys from ENV variable
echo "$AUTHORIZED_KEYS" >$AUTHORIZED_KEYS_FILE
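Review bot: The ed25519 command uses `-t df25519`, which is not a key type ssh-keygen accepts, so the key that the Dockerfile's `HostKey /etc/ssh/host_keys/ssh_host_ed25519_key` line points to is never written; it should read `-t ed25519`. Both ssh-keygen calls on the new path also lack `-N ''`, so they prompt for a passphrase. Nothing visible implements the comment that generation is skipped when keys already exist; with existing files ssh-keygen would instead ask whether to overwrite them. A guarded, non-interactive form for each key would be `[ -f /etc/ssh/host_keys/ssh_host_ed25519_key ] || ssh-keygen -q -t ed25519 -N '' -f /etc/ssh/host_keys/ssh_host_ed25519_key`. The script may continue past the lines shown.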
