SSH Setup in Docker: Connecting to Remote Machines

May 13, 2023 · 3 minute read

TLDR

SSH into a remote machine from within a Docker container using a reproducible approach. Steps:

  • Create a Dockerfile with SSH installed
  • Build the Docker image and run the container
  • Mount the local ~/.ssh directory to the container
  • Execute SSH commands within the Docker container to access the remote machine
FROM ubuntu:20.04

WORKDIR /app

RUN apt update && \
    apt install -y --no-install-recommends \
    ssh

ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]

Terminal commands:

# Build the Docker image 
docker build -t sshtest . 

# Run the container 
docker run --rm -it --network host -v $HOME/.ssh:/root/.ssh:ro sshtest

Motivation

As a developer looking to deploy projects on remote machines using Ansible, you may encounter limitations when running Ansible on a Windows host natively. To overcome this challenge, having a reliable method to connect to a remote machine via SSH from within a Docker container becomes invaluable. By configuring the Docker container with the necessary access rights and SSH keys, you can seamlessly execute Ansible commands and ensure a reproducible deployment process.

Prerequisites

To follow this tutorial, you’ll need:

  • Docker
  • PowerShell 7
  • Access to a remote server via SSH, with your public key added to ~/.ssh/authorized_keys on the remote machine
  • SSH keys located in ~/.ssh on your local machine, which will be mounted when invoking docker run

Tutorial

Create a Dockerfile with the following content:

FROM ubuntu:20.04

WORKDIR /app

RUN apt update && \
    apt install -y --no-install-recommends \
    ssh

ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]

Now, build the image and run it with the following commands:

# Build the Docker image
docker build -t sshtest .

# Run the container
docker run --rm -it --network host -v $home/.ssh:/root/.ssh:ro sshtest

Explanation of Docker command options:

  • --rm: Automatically remove the container when it exits
  • -it: Allocate a pseudo-TTY and keep STDIN open, enabling interactive terminal access
  • --network host: Use the host network stack inside the container for direct access to the remote machine
  • -v $home/.ssh:/root/.ssh:ro: Mount the ~/.ssh directory from your local machine to /root/.ssh in the container as read-only, providing access to the SSH keys

A Note of Caution

It is crucial not to include the ~/.ssh directory in the Docker image itself to avoid potential security risks. Instead, mount the directory as read-only when running the Docker container.

Conclusion

In this tutorial, we have explored a comprehensive approach to SSH into a remote machine from within a Docker container. By leveraging Docker, PowerShell, and SSH, you can overcome the limitations of running Ansible on a Windows host natively. By following the steps outlined in this article, you have learned how to configure a Docker container with the necessary access rights and SSH keys, enabling seamless execution of Ansible commands. This reproducible method simplifies the deployment process and ensures consistency across environments.

SSH Docker virtual machines connectivity Ansible