README
¶
ssh2docker
🔧 SSH server that creates a Docker container per connection (chroot++)
Example
Server
$ ssh2docker
INFO[0000] Listening on port 2222
INFO[0004] conn: User="alpine", ClientVersion=%!(NOVERB)%!(EXTRA string=5353482d322e302d4f70656e5353485f362e32)
INFO[0004] Creating pty...
INFO[0004] Window resize 181x50
INFO[0004] pty-req: xterm-256color
INFO[0004] Executing docker [run -it --rm alpine /bin/sh]
INFO[0010] session closed
INFO[0016] conn: User="ubuntu", ClientVersion=%!(NOVERB)%!(EXTRA string=5353482d322e302d4f70656e5353485f362e32)
INFO[0016] Creating pty...
INFO[0016] Window resize 181x50
INFO[0016] pty-req: xterm-256color
INFO[0016] Executing docker [run -it --rm ubuntu /bin/sh]
INFO[0023] session closed
Client
$ ssh localhost -p 2222 -l alpine
Host key fingerprint is 59:46:d7:cf:ca:33:be:1f:58:fd:46:c8:ca:5d:56:03
+--[ RSA 2048]----+
| . .E |
| . . o |
| o +.|
| + . .*|
| S .oo=|
| . oB+.|
| oo.+o|
| ...|
| .o.|
+-----------------+
alpine@localhost's password:
/ # cat /etc/alpine-release
3.2.0
/ # ^D
$ ssh localhost -p 2222 -l ubuntu
Host key fingerprint is 59:46:d7:cf:ca:33:be:1f:58:fd:46:c8:ca:5d:56:03
+--[ RSA 2048]----+
| . .E |
| . . o |
| o +.|
| + . .*|
| S .oo=|
| . oB+.|
| oo.+o|
| ...|
| .o.|
+-----------------+
ubuntu@localhost's password:
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.3 LTS
Release: 14.04
Codename: trusty
# ^D
Install
$ go get github.com/moul/ssh2docker/...
Usage
NAME:
ssh2docker - SSH portal to Docker containers
USAGE:
ssh2docker [global options] command [command options] [arguments...]
AUTHOR(S):
Manfred Touron <https://github.com/moul/ssh2docker>
COMMANDS:
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--verbose, -V Enable verbose mode
--bind, -b ":2222" Listen to address
--host-key, -k "built-in" Path or complete SSH host key to use
--allowed-images List of allowed images, i.e: alpine,ubuntu:trusty,1cf3e6c
--shell "/bin/sh" Default shell
--docker-run-args "-it --rm" 'docker run' arguments
--help, -h show help
--version, -v print the version
License
MIT
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SetWinsize ¶
Types ¶
type Client ¶
type Client struct {
Idx int
ChannelIdx int
Conn *ssh.ServerConn
Chans <-chan ssh.NewChannel
Reqs <-chan *ssh.Request
Server *Server
Pty, Tty *os.File
Env Environment
RemoteUser string
ImageName string
}
Client is one client connection
func NewClient ¶
func NewClient(conn *ssh.ServerConn, chans <-chan ssh.NewChannel, reqs <-chan *ssh.Request, server *Server) *Client
NewClient initializes a new client
func (*Client) HandleChannel ¶
func (c *Client) HandleChannel(newChannel ssh.NewChannel) error
HandleChannel handles one SSH channel
func (*Client) HandleChannelRequests ¶
HandleChannelRequests handles channel requests
func (*Client) HandleChannels ¶
HandleChannels handles SSH channels
func (*Client) HandleRequests ¶
HandleRequests handles SSH requests
type Environment ¶
func (*Environment) List ¶
func (e *Environment) List() []string
type Server ¶
type Server struct {
SshConfig *ssh.ServerConfig
AllowedImages []string
DefaultShell string
DockerRunArgs []string
NoJoin bool
}
Server is the ssh2docker main structure
func (*Server) AddHostKey ¶
AddHostKey parses/loads an ssh key and registers it to the server
func (*Server) Handle ¶
Handle is the SSH client entrypoint, it takes a net.Conn instance and handle all the ssh and ssh2docker stuff
func (*Server) ImageIsAllowed ¶
ImageIsAllowed returns true if the target image is in the allowed list
func (*Server) PasswordCallback ¶
func (s *Server) PasswordCallback(conn ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error)
PasswordCallback is called when the user tries to authenticate using a password
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.