aligator hace 1 año
commit
e18ad767c5
Se han modificado 6 ficheros con 88 adiciones y 0 borrados
  1. 2
    0
      .gitignore
  2. 29
    0
      Dockerfile
  3. 8
    0
      README.md
  4. 18
    0
      docker-compose.yaml
  5. 5
    0
      genHostKeys.sh
  6. 26
    0
      sshd_config

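--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+ssh_host_*
+authorized_keys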

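--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,29 @@
+FROM alpine:latest
+
+MAINTAINER aligator <aligator@suncraft-server.de>
+
+ARG user
+ARG gid
+ARG uid
+ENV SSH_USER=${user}
+ENV GROUP_GID=${gid}
+ENV USER_UID=${uid}
+
+RUN apk add --no-cache --update-cache openssh && \
+    mkdir -p /var/run/sshd && \
+    rm -f /etc/ssh/ssh_host_*key* && \
+    addgroup -g $GROUP_GID $SSH_USER && \
+    adduser -D -u $USER_UID -s /sbin/nologin -G $SSH_USER $SSH_USER && \
+    echo "$SSH_USER:" | chpasswd && \
+    chown root /home/$SSH_USER && \
+    mkdir -p /home/$SSH_USER/data && \
+    chown $SSH_USER:$SSH_USER /home/$SSH_USER/data
+
+COPY sshd_config /etc/ssh/sshd_config
+COPY authorized_keys /etc/ssh/authorized_keys/${user}
+COPY ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key
+COPY ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key
+
+EXPOSE 22
+
+CMD ["/usr/sbin/sshd", "-D"]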
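Review bot: The two `COPY ssh_host_*_key` lines bake the private host keys into image layers, so anyone who can pull or export the image can read them and impersonate the server; mounting the keys at runtime (a read-only bind mount or a compose `secrets:` entry) keeps them out of the image. `echo "$SSH_USER:" | chpasswd` appears to unlock the account by giving it an empty password, which leaves key-only login dependent entirely on sshd_config; `echo "$SSH_USER:*" | chpasswd -e` unlocks the account without any valid password. `FROM alpine:latest` is also unpinned, so the OpenSSH version can change silently between builds; a fixed tag or digest makes the image reproducible.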

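--- a/README.md
+++ b/README.md
@@ -0,0 +1,8 @@
+###How to use:
+1. create a "authorized_keys" file and add your public ssh-keys there
+1. run genHostKeys.sh
+1. change the username in docker-compose.yaml
+1. change the volume to use in docker-compose.yaml
+1. change uid and gid in docker-compose.yaml
+1. docker-compose build
+1. docker-compose up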

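--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -0,0 +1,18 @@
+version: '3'
+services:
+  sftp:
+    build:
+      context: .
+      args:
+        - user=myUser
+        - uid=1001
+        - gid=1001
+    volumes:
+      - my-vol:/home/myUser/data
+    ports:
+      - "3022:22"
+
+volumes:
+  my-vol:
+    external: true
+  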
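Review bot: The user name is set in two places that must agree, `user=myUser` under `args` and the mount target `/home/myUser/data`, and nothing ties them together. Changing only the build arg leaves the volume mounted outside the account's chroot, so uploads would land in the container's writable layer and be lost when the container is recreated. A comment above the volume entry such as `# path must match the 'user' build arg` would make the coupling visible. `"3022:22"` publishes the port on every host interface; prefix a host address, e.g. `"127.0.0.1:3022:22"` (constructed example), if the service should not be reachable from all networks.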

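--- a/genHostKeys.sh
+++ b/genHostKeys.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+rm ssh_host_*
+ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
+ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
+rm ssh_host_*.pub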
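Review bot: The empty passphrase is obtained only as a side effect of `< /dev/null` closing the prompt's input; pass it explicitly, e.g. `ssh-keygen -t ed25519 -N '' -f ssh_host_ed25519_key`, so the script does not depend on how ssh-keygen handles EOF. `rm ssh_host_*` prints an error on a first run when no keys exist; `rm -f ssh_host_*` avoids that, and a `set -e` at the top would stop the script if key generation fails. Before the final `rm ssh_host_*.pub`, record the fingerprints (`ssh-keygen -lf ssh_host_ed25519_key.pub`) so clients can verify the host key on first connect instead of trusting it blindly.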

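--- a/sshd_config
+++ b/sshd_config
@@ -0,0 +1,26 @@
+# Secure defaults
+# See: https://stribika.github.io/2015/01/04/secure-secure-shell.html
+Protocol 2
+HostKey /etc/ssh/ssh_host_ed25519_key
+HostKey /etc/ssh/ssh_host_rsa_key
+
+# Faster connection
+# See: https://github.com/atmoz/sftp/issues/11
+UseDNS no
+
+# Limited access
+PasswordAuthentication no
+PermitRootLogin no
+X11Forwarding no
+AllowTcpForwarding no
+
+# Force sftp and chroot jail
+Subsystem sftp internal-sftp
+ForceCommand internal-sftp
+ChrootDirectory %h
+
+# Enable this for more logs
+#LogLevel VERBOSE
+
+AuthorizedKeysFile     /etc/ssh/authorized_keys/%u
+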
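Review bot: Key-only login rests on `PasswordAuthentication no` alone while the Dockerfile in this commit appears to give the account an empty password, so the "Limited access" block should pin the intent with `PermitEmptyPasswords no` and `AuthenticationMethods publickey` instead of relying on defaults. `Protocol 2` is, as far as I know, a deprecated no-op on current OpenSSH releases such as the one `alpine:latest` installs, and can be dropped. The header cites the secure-secure-shell guide, but none of its `KexAlgorithms`/`Ciphers`/`MACs` restrictions are applied here; either add them or reword the comment so it does not overstate the hardening. A one-line comment on `ChrootDirectory %h` noting that the home directory must be root-owned and not group- or world-writable would explain the `chown root` in the Dockerfile.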
