标签:names bing 成功 key UNC 修改 space nta password
有些场景需要我们自己配置容器中的服务,可以说类似于一个小型的虚拟机,那么怎么创建一个可以远程连接的容器呢?拉取centos基础镜像
docker pull centos:7.2.1511
docker pull registry.cn-hangzhou.aliyuncs.com/repos_zyl/centos:0.0.1
启动镜像
sudo docker run -i -t centos:7.2.1511 /bin/bash
yum -y install openssh-server
启动sshd:
# /usr/sbin/sshd -D
这时报以下错误:
[root@ b5926410fe60 /]# /usr/sbin/sshd
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
执行以下命令解决:
ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
然后,修改/etc/ssh/sshd_config 配置信息:
UsePAM yes 改为UsePAM no
UsePrivilegeSeparation sandbox 改为UsePrivilegeSeparation no
sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
systemctl enable sshd
passwd root
aice@openstack:~$ sudo docker ps -all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
880273353fda registry.cn-hangzhou.aliyuncs.com/repos_zyl/centos:0.0.1 "/bin/bash" 10 minutes ago Exited (127) 5 seconds ago goofy_kirch
aice@openstack:~$ sudo docker commit 880273353fda sf/centos7-ssh
sha256:526e35632f77b2d9200fb26713b6270b0b58e221d1c789e3dc2bc2c5708423a8
aice@openstack:~$
生成新的镜像
aice@openstack:~$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sf/centos7-ssh latest 526e35632f77 About a minute ago 301MB
删除在运行的容器
aice@openstack:~$ sudo docker ps -all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
880273353fda registry.cn-hangzhou.aliyuncs.com/repos_zyl/centos:0.0.1 "/bin/bash" 13 minutes ago Exited (127) 3 minutes ago goofy_kirch
aice@openstack:~$ sudo docker rm -f 880273353fda
880273353fda
aice@openstack:~$
重新启动tomcat端口为8080 jh-hos端口为20000 ssh端口为10022
aice@openstack:~$ sudo docker run -d -p 10022:22 -d -p 8080:8080 -d -p 20000:20000 sf/centos7-ssh /usr/sbin/sshd -D
04c440e2c872483a14e7cdee1411c51b73e2be2bdbfea5cf4887e09633ae0ed9
#远程连接成功
MacBook-Pro:lss-lims-web dingbingbing$ ssh root@192.168.3.136 -p 10022
The authenticity of host '[192.168.3.136]:10022 ([192.168.3.136]:10022)' can't be established.
ECDSA key fingerprint is SHA256:EPo7Cu1FM9GG1plXF2MP9gyQRWORrUJau/MZnuqNt+w.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.3.136]:10022' (ECDSA) to the list of known hosts.
root@192.168.3.136's password:
[root@04c440e2c872 ~]#
标签:names bing 成功 key UNC 修改 space nta password
原文地址:http://blog.51cto.com/13520772/2137171