From 8f33c135b671850ba5e4279164c2811b916b8677 Mon Sep 17 00:00:00 2001
From: Marcel Zapf
Date: Sat, 24 Aug 2024 05:27:37 +0200
Subject: [PATCH] update
---
 Dockerfile | 9 ---------
 entrypoint.sh | 17 ++++++++++++-----
 2 files changed, 12 insertions(+), 14 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 953b888..bfb4d90 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -56,15 +56,6 @@ RUN addgroup --gid 1001 devgroup && \
 adduser --uid 1001 --ingroup devgroup --shell /bin/bash --home /home/dev --disabled-password dev && \
 echo "dev ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
 
-# Ensure SSH configuration and host keys are set up
-RUN ssh-keygen -A && \
- sed -i 's/^#HostKey/HostKey/' /etc/ssh/sshd_config && \
- chown -R root:root /etc/ssh && \
- chmod 600 /etc/ssh/ssh_host_* && \
- echo 'dev:dev' | chpasswd && \
- sed -i 's|#PermitRootLogin prohibit-password|PermitRootLogin no|' /etc/ssh/sshd_config && \
- sed -i 's|#PasswordAuthentication yes|PasswordAuthentication no|' /etc/ssh/sshd_config
-
 # Adjust permissions for /usr/local and home directories
 RUN chown -R dev:devgroup /usr/local /home/dev
 
diff --git a/entrypoint.sh b/entrypoint.sh
index b71fe82..2464a38 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,13 +1,20 @@
 #!/bin/bash
 
-# Ensure SSH host keys are available; generate them if they do not exist
-if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+# Ensure SSH host keys are available and generate them if they do not exist
+HOST_KEY_DIR="/home/dev/ssh_keys"
+mkdir -p $HOST_KEY_DIR
+
+if [ ! -f $HOST_KEY_DIR/ssh_host_rsa_key ]; then
 echo "Generating new SSH host keys."
- ssh-keygen -A
+ ssh-keygen -t rsa -f $HOST_KEY_DIR/ssh_host_rsa_key -N '' >/dev/null
+ ssh-keygen -t ecdsa -f $HOST_KEY_DIR/ssh_host_ecdsa_key -N '' >/dev/null
+ ssh-keygen -t ed25519 -f $HOST_KEY_DIR/ssh_host_ed25519_key -N '' >/dev/null
 fi
 
-# Start SSH service
-/usr/sbin/sshd -D
+# Start SSH service with custom host key location
+/usr/sbin/sshd -D -o HostKey=$HOST_KEY_DIR/ssh_host_rsa_key \
+ -o HostKey=$HOST_KEY_DIR/ssh_host_ecdsa_key \
+ -o HostKey=$HOST_KEY_DIR/ssh_host_ed25519_key
 
 # Check if any additional commands were passed and execute them
 if [ "$#" -gt 0 ]; then
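Review bot: The new `sshd -D` command line no longer has `PasswordAuthentication no` and `PermitRootLogin no` behind it, because the Dockerfile hunk in this commit deletes the `sed` lines that set them and nothing here restores them. Unless the image's sshd_config sets them elsewhere (not visible in this patch), sshd runs with its built-in defaults, so both should be passed as `-o` options next to the `HostKey` ones. The host private keys also move into `/home/dev/ssh_keys`, inside the tree the Dockerfile chowns to `dev`, and `mkdir -p` creates that directory with the default umask, so it should be restricted to its owner. The existence test looks only at the RSA key, so a missing ECDSA or Ed25519 file is never regenerated and the `ssh-keygen` exit status goes unchecked; the fence checks each key type separately and quotes `$HOST_KEY_DIR`. The trailing `if [ "$#" -gt 0 ]` block continues outside the hunk.

```bash
HOST_KEY_DIR="/home/dev/ssh_keys"
mkdir -p -- "$HOST_KEY_DIR"
chmod 700 -- "$HOST_KEY_DIR"

for key_type in rsa ecdsa ed25519; do
  key_file="$HOST_KEY_DIR/ssh_host_${key_type}_key"
  if [ ! -f "$key_file" ]; then
    echo "Generating new SSH ${key_type} host key."
    ssh-keygen -q -t "$key_type" -f "$key_file" -N '' || exit 1
  fi
done

/usr/sbin/sshd -D \
  -o PasswordAuthentication=no \
  -o PermitRootLogin=no \
  -o HostKey="$HOST_KEY_DIR/ssh_host_rsa_key" \
  -o HostKey="$HOST_KEY_DIR/ssh_host_ecdsa_key" \
  -o HostKey="$HOST_KEY_DIR/ssh_host_ed25519_key"

# … unchanged: handling of additional commands passed to the entrypoint …
```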