os_kernel/doc/Docker Ubuntu 上安装 ssh 和连接 ssh.md

Docker 安装 Ubuntu

1. 首先从云上拉取 ubuntu 的镜像

   docker pull ubuntu
   

   使用 docker images 或 docker image ls 查看刚才摘取下来的镜像

   

   如上图示镜像 ID 为 b1d9df8ab815

2. 启动镜像

输入命令 docker run -itd -p 6789:22 b1d9df8ab815，表示在后台启动镜像，并将本机的 6789 端口映射到容器的 22 端口，最后字符串是 IMAGES ID. 只要没有报错，显示一串字符就说明镜像启动成功，可以通过命令 docker container ls 或 docker ps 来查看运行的容器：

如上图示，容器的 ID 为 7761329a4cc6

1. 进入容器，下载 openssh-server, 并修改 ssh 的配置，启动 ssh

   输入命令docker exec -it 7761329a4cc6 /bin/bash 进入容器，执行命令：

   root@7761329a4cc6:/# apt-get update
   Get:1 http://archive.ubuntu.com/ubuntu noble InRelease [256 kB]
   Get:2 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
   ...
   Get:17 http://archive.ubuntu.com/ubuntu noble-backports/universe amd64 Packages [11.9 kB]
   Fetched 26.6 MB in 20s (1361 kB/s)
   Reading package lists... Done
   root@7761329a4cc6:/# apt-get upgrade
   ...
   root@7761329a4cc6:/# apt-get install openssh-server
   Reading package lists... Done
   Building dependency tree... Done
   Reading state information... Done
   ...
   0 upgraded, 82 newly installed, 0 to remove and 0 not upgraded.
   Need to get 34.8 MB of archives.
   After this operation, 123 MB of additional disk space will be used.
   Do you want to continue? [Y/n] y
   ...
   Updating certificates in /etc/ssl/certs...
   0 added, 0 removed; done.
   Running hooks in /etc/ca-certificates/update.d...
   done
   

2. 设置 root 密码

   root@7761329a4cc6:/# passwd

1. 修改 SSH 配置文件

   root@7761329a4cc6:/# vim /etc/ssh/sshd_config

注释一行 #PermitRootLogin prohibit-password

添加一行 PermitRootLogin yes ，然后保存退出

1. 重启 SSH 服务

   ```sh root@7761329a4cc6:/# /etc/init.d/ssh restart

   • Restarting OpenBSD Secure Shell server sshd [ OK ]

     自动启动

     root@7761329a4cc6:/# systemctl enable ssh ```

2. 本机连接 ssh

   (base) ➜  ~ ssh root@0.0.0.0 -p 6789
   The authenticity of host '[0.0.0.0]:6789 ([0.0.0.0]:6789)' can't be established.
    ECDSA key fingerprint is SHA256:vXNa4BXo0s63JV8VqLDD3iV5E+xEsuV/DdEkldeX7fQ.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    root@0.0.0.0's password:
    Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 5.10.25-linuxkit x86_64)

    * Documentation:  https://help.ubuntu.com
    * Management:     https://landscape.canonical.com
    * Support:        https://ubuntu.com/pro

    This system has been minimized by removing packages and content that are
    not required on a system that users do not log into.

    To restore this content, you can run the 'unminimize' command.

    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.

    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.

    root@7761329a4cc6:~#

如上示， 输入 `yes` 同意加密认证，然后输入登陆密码，就可以远程返回 docker 系统

1. 容器导出

    # 如上图示，容器的 ID 为 `7761329a4cc6`
   (base) ➜  ~ docker export 7761329a4cc6 > ssh_ubuntu.tar

如上示导出容器 `7761329a4cc6` 快照到本地文件 `ssh_ubuntu.tar`。

1. 导入容器快照 可以使用 docker import 从容器快照中再导入为镜像， 以下将快照文件ssh_ubuntu.tar导入到镜像 ssh/ubuntu:v1

   (base) ➜  ~ cat ssh_ubuntu.tar | docker import - ssh/ubuntu:v1
   sha256:995020b3864b182e012c1a128dd4be3c479289d42ae642321577d779bca223a6