I am following a Udemy course for learning Jenkins with docker. The lab is that I setup a SSH server container & a Jenkins container, put them in the same docker network. Then, I go into the jenkins container to establish ssh connection to the SSH server container.
I can establish SSH connection from jenkins container to the SSH server container with password login, however, it fails to establish the
SSH -i with the key pair I generated.
The overview of my directory and files:
Under my working space of my local machine, I have:
docker-compose.yml(details see below)
- a directory named
centos/I have a
Dockerfilefor building the SSH server image.
The steps I tried and their results:
Step 1, I firstly created the
docker-compose.yml for the two containers
version: '3' services: jenkins: container_name: jenkins image: jenkins/jenkins ports: - "8080:8080" volumes: - $PWD/jenkins_home:/var/jenkins_home networks: - net remote_host: container_name: remote_host image: remote-host build: context: centos7 networks: - net networks: net:
As you can see above, the
remote_host service refers to the SSH server image which is built from a
Step 2, so here is my
FROM centos RUN yum -y install openssh-server RUN useradd remote_user && echo remote_user:1234 | chpasswd && mkdir /home/remote_user/.ssh && chmod 700 /home/remote_user/.ssh COPY remote-key.pub /home/remote_user/.ssh/authorized_keys RUN chown remote_user:remote_user -R /home/remote_user/.ssh/ && chmod 600 /home/remote_user/.ssh/authorized_keys RUN ssh-keygen -A RUN rm -rf /run/nologin CMD /usr/sbin/sshd -D
Step 3. As you can see in above Dockerfile, I
COPY a public key
remote-key.pub from my local host to the container and named it
authorized_keys. I generated the key pair under the
centos/ folder of my local host by command:
ssh-keygen -t rsa -m PEM -f remote-key
Step 4. After all above are done. I run command
docker-compose build to build images.
Step 5. Finally I run
docker-compose up to bring up containers.
Both jenkins & remote_host(the ssh server) containers are up and running successfully.
Step 6. Then I go inside the jenkins container by
docker exec -it jenkins bash, in the bash terminal of the container, I do ssh connection:
[email protected]:/$ ssh [email protected]_host [email protected]_host's password:
After input the passowrd 1234 (Defined in the
Dockerfile), I successfully established the SSH connection from jenkins container to the SSH server container. But I would like to establish the connection via key pairs instead of password login.
Step 7, since the SSH server container has the public key copied, so, I copied the private key from my local host to the jenkins container by command:
docker cp remote-key jenkins:/tmp/
So, now the jenkins container’s /tmp/ directory contains the private key.
Step 8, Now I try to use the private key to establish the SSH connection to the ssh server container. I go inside the jenkins by
docker exec -it jenkins bash, then, I run command:
[email protected]:/$ ssh -i /tmp/remote-key [email protected]_host Load key "/tmp/remote-key": Permission denied [email protected]_host's password:
As you can see above, inside jenkins container, the bash prompt tells me the
key "/tmp/remote-key": Permission denied. Right after that it asks me to input password, then I input password 1234, and the SSH connection is established.
So, why I can’t use the private key to establish the SSH connection from the jenkins container to the ssh server container but only login with password works?
Source: Docker Questions