Establish SSH connection from Jenkins container to SSH server container, I can establish with password login but can’t establish with private key

  centos, docker, dockerfile, jenkins, ssh

The Story:

I am following a Udemy course for learning Jenkins with docker. The lab is that I setup a SSH server container & a Jenkins container, put them in the same docker network. Then, I go into the jenkins container to establish ssh connection to the SSH server container.

The issue:

I can establish SSH connection from jenkins container to the SSH server container with password login, however, it fails to establish the SSH -i with the key pair I generated.

The overview of my directory and files:

Under my working space of my local machine, I have:

  • a docker-compose.yml (details see below)
  • a directory named centos/,
  • Inside centos/ I have a Dockerfile for building the SSH server image.

The steps I tried and their results:

Step 1, I firstly created the docker-compose.yml for the two containers

version: '3'
    container_name: jenkins
    image: jenkins/jenkins
      - "8080:8080"
      - $PWD/jenkins_home:/var/jenkins_home
      - net
    container_name: remote_host
    image: remote-host
      context: centos7
      - net

As you can see above, the remote_host service refers to the SSH server image which is built from a Dockerfile under centos/ directory.

Step 2, so here is my Dockerfile under centos/ :

FROM centos

RUN yum -y install openssh-server

RUN useradd remote_user && 
    echo remote_user:1234 | chpasswd && 
    mkdir /home/remote_user/.ssh && 
    chmod 700 /home/remote_user/.ssh

COPY /home/remote_user/.ssh/authorized_keys

RUN chown remote_user:remote_user -R /home/remote_user/.ssh/ && 
    chmod 600 /home/remote_user/.ssh/authorized_keys

RUN ssh-keygen -A
RUN rm -rf /run/nologin
CMD /usr/sbin/sshd -D

Step 3. As you can see in above Dockerfile, I COPY a public key from my local host to the container and named it authorized_keys. I generated the key pair under the centos/ folder of my local host by command:

ssh-keygen -t rsa -m PEM -f remote-key

Step 4. After all above are done. I run command docker-compose build to build images.

Step 5. Finally I run docker-compose up to bring up containers.

Both jenkins & remote_host(the ssh server) containers are up and running successfully.

Step 6. Then I go inside the jenkins container by docker exec -it jenkins bash, in the bash terminal of the container, I do ssh connection:

[email protected]:/$ ssh [email protected]_host
[email protected]_host's password: 

After input the passowrd 1234 (Defined in the Dockerfile), I successfully established the SSH connection from jenkins container to the SSH server container. But I would like to establish the connection via key pairs instead of password login.

Step 7, since the SSH server container has the public key copied, so, I copied the private key from my local host to the jenkins container by command:

docker cp remote-key jenkins:/tmp/

So, now the jenkins container’s /tmp/ directory contains the private key.

Step 8, Now I try to use the private key to establish the SSH connection to the ssh server container. I go inside the jenkins by docker exec -it jenkins bash, then, I run command:

[email protected]:/$ ssh -i /tmp/remote-key [email protected]_host
Load key "/tmp/remote-key": Permission denied
[email protected]_host's password: 

As you can see above, inside jenkins container, the bash prompt tells me the key "/tmp/remote-key": Permission denied. Right after that it asks me to input password, then I input password 1234, and the SSH connection is established.

So, why I can’t use the private key to establish the SSH connection from the jenkins container to the ssh server container but only login with password works?

Source: Docker Questions