SSH Setup in Docker: Connecting to Remote Machines

May 13, 2023 · 3 minute read

TLDR

SSH into a remote machine from within a Docker container using a reproducible approach. Steps:

  • Create a Dockerfile with SSH installed
  • Build the Docker image and run the container
  • Mount the local ~/.ssh directory to the container
  • Execute SSH commands within the Docker container to access the remote machine
FROM ubuntu:20.04

WORKDIR /app

RUN apt update && \
    apt install -y --no-install-recommends \
    ssh

ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]

Terminal commands:

# Build the Docker image 
docker build -t sshtest . 

# Run the container 
docker run --rm -it --network host -v $HOME/.ssh:/root/.ssh:ro sshtest

Motivation

As a developer looking to deploy projects on remote machines using Ansible, you may encounter limitations when running Ansible on a Windows host natively. To overcome this challenge, having a reliable method to connect to a remote machine via SSH from within a Docker container becomes invaluable. By configuring the Docker container with the necessary access rights and SSH keys, you can seamlessly execute Ansible commands and ensure a reproducible deployment process.

Prerequisites

To follow this tutorial, you’ll need:

  • Docker
  • PowerShell 7
  • Access to a remote server via SSH, with your public key added to ~/.ssh/authorized_keys on the remote machine
  • SSH keys located in ~/.ssh on your local machine, which will be mounted when invoking docker run

Tutorial

Create a Dockerfile with the following content:

FROM ubuntu:20.04

WORKDIR /app

RUN apt update && \
    apt install -y --no-install-recommends \
    ssh

ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]

Now, build the image and run it with the following commands:

# Build the Docker image
docker build -t sshtest .

# Run the container
docker run --rm -it --network host -v $home/.ssh:/root/.ssh:ro sshtest

Explanation of Docker command options:

  • --rm: Automatically remove the container when it exits
  • -it: Allocate a pseudo-TTY and keep STDIN open, enabling interactive terminal access
  • --network host: Use the host network stack inside the container for direct access to the remote machine
  • -v $home/.ssh:/root/.ssh:ro: Mount the ~/.ssh directory from your local machine to /root/.ssh in the container as read-only, providing access to the SSH keys

A Note of Caution

It is crucial not to include the ~/.ssh directory in the Docker image itself to avoid potential security risks. Instead, mount the directory as read-only when running the Docker container.

Conclusion

In this tutorial, we have explored a comprehensive approach to SSH into a remote machine from within a Docker container. By leveraging Docker, PowerShell, and SSH, you can overcome the limitations of running Ansible on a Windows host natively. By following the steps outlined in this article, you have learned how to configure a Docker container with the necessary access rights and SSH keys, enabling seamless execution of Ansible commands. This reproducible method simplifies the deployment process and ensures consistency across environments.