Docker创建无密码ssh容器

需求

希望创建一个container进行调试，使用ssh登陆无需密码。

实现

Dockerfile如下

FROM ubuntu:20.04
RUN passwd -d root && apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -yq \
    s6 ssh && mkdir /run/sshd && mkdir -p /etc/s6/sshd && \
    sed -i -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' \
    -e 's/#PermitEmptyPasswords no/PermitEmptyPasswords yes/' \
    -e 's/UsePAM yes/UsePAM no/' /etc/ssh/sshd_config && \
    echo '#!/bin/sh\nexec /usr/sbin/sshd -D' > /etc/s6/sshd/run && \
    chmod +x /etc/s6/sshd/run
ENTRYPOINT ["/bin/s6-svscan", "/etc/s6/"]

修改sshd_config使得空密码成为可能，最后使用s6对sshd进行守护。

验证

$ docker build -t ubuntu:20.04_ssh .
$ docker run -d --name ssh ubuntu:20.04_ssh
$ docker exec -it ssh bash
root@56bb78228436:/# ssh 0
The authenticity of host '0.0.0.0 (0.0.0.0)' can't be established.
ECDSA key fingerprint is SHA256:S0VuGHBwJVA5lLmTimCv0YtYPAv/YlqtKS+XjzCh1wk.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '0.0.0.0' (ECDSA) to the list of known hosts.
root@56bb78228436:~#

可以看到无密码登陆root成功。

参考

SSH login without password and without keys - Unix & Linux Stack Exchange
docker - Editing Files from dockerfile - Stack Overflow