Shulou(Shulou.com)06/03 Report--

1. Pull centos mirrors from a remote repository

Docker pull centos

two。 Query image docker images

[root@HA2 kehj] # docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

Nginx-docker v1 20c4d11561d3 11 hours ago 451.1 MB

Docker.io/nginx latest f895b3fb9e30 2 weeks ago 108.5 MB

Docker.io/centos latest 3fa822599e10 3 weeks ago 203.5 MB

Docker.io/ubuntu latest 747cb2d60bbe 11 weeks ago 122 MB

3. Start the centos container docker run-I-t centos / bin/bash

[root@HA2 kehj] # docker run-I-t centos / bin/bash

[root@f2595a1c0aae /] #

4. Install the sshd service

[root@f2595a1c0aae /] # yum install passwd openssl openssh-server-y

Loaded plugins: fastestmirror, ovl

Base | 3.6 kB 00:00:00

Extras | 3.4 kB 00:00:00

Updates | 3.4 kB 00:00:00

(1x4): extras/7/x86_64/primary_db | 145kB 00:00:01

(2ap4): base/7/x86_64/group_gz | 156 kB 00:00:01

(3x4): updates/7/x86_64/primary_db | 4.6 MB 00:00:15

(4ache 4): base/7/x86_64/primary_db | 5.7 MB 00:00:23

Determining fastest mirrors

* base: mirrors.163.com

* extras: mirrors.163.com

* updates: mirrors.163.com

Package passwd-0.79-4.el7.x86_64 already installed and latest version

Resolving Dependencies

-> Running transaction check

-- > Package openssh-server.x86_64 0:7.4p1-13.el7_4 will be installed

-- > Processing Dependency: openssh = 7.4p1-13.el7_4 for package: openssh-server-7.4p1-13.el7_4.x86_64

-- > Processing Dependency: fipscheck-lib (x86-64) > = 1.3.0 for package: openssh-server-7.4p1-13.el7_4.x86_64

-> Processing Dependency: libwrap.so.0 () (64bit) for package: openssh-server-7.4p1-13.el7_4.x86_64

-> Processing Dependency: libfipscheck.so.1 () (64bit) for package: openssh-server-7.4p1-13.el7_4.x86_64

-- > Package openssl.x86_64 1:1.0.2k-8.el7 will be installed

-- > Processing Dependency: make for package: 1:openssl-1.0.2k-8.el7.x86_64

-> Running transaction check

-> Package fipscheck-lib.x86_64 0RU 1.4.1-6.el7 will be installed

Processing Dependency: / usr/bin/fipscheck for package: fipscheck-lib-1.4.1-6.el7.x86_64

-> Package make.x86_64 1RU 3.82-23.el7 will be installed

-- > Package openssh.x86_64 0:7.4p1-13.el7_4 will be installed

-> Package tcp_wrappers-libs.x86_64 0RU 7.6-77.el7 will be installed

-> Running transaction check

-> Package fipscheck.x86_64 0RU 1.4.1-6.el7 will be installed

-> Finished Dependency Resolution

Dependencies Resolved

=

Package Arch Version Repository Size

=

Installing:

Openssh-server x8634 7.4p1-13.el7_4 updates 458k

Openssl x86_64 1:1.0.2k-8.el7 base 492 k

Installing for dependencies:

Fipscheck x86'64 1.4.1-6.el7 base 21 k

Fipscheck-lib x86'64 1.4.1-6.el7 base 11k

Make x86x 64 1purl 3.82-23.el7 base 420k

Openssh x8634 7.4p1-13.el7_4 updates 509k

Tcp_wrappers-libs x86x67.6-77.el7 base 66k

Transaction Summary

=

Install 2 Packages (+ 5 Dependent packages)

Total download size: 1.9 M

Installed size: 4.9 M

Downloading packages:

Warning: / var/cache/yum/x86_64/7/base/packages/fipscheck-lib-1.4.1-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY

Public key for fipscheck-lib-1.4.1-6.el7.x86_64.rpm is not installed

(1can7): fipscheck-lib-1.4.1-6.el7.x86_64.rpm | 11 kB 00:00:00

(2ache 7): fipscheck-1.4.1-6.el7.x86_64.rpm | 21 kB 00:00:00

Public key for openssh-7.4p1-13.el7_4.x86_64.rpm is not installed] 206 kB/s | 681kB 00:00:06 ETA

(3 kB 7): openssh-7.4p1-13.el7_4.x86_64.rpm | 509 kB 00:00:01

(4ache 7): tcp_wrappers-libs-7.6-77.el7.x86_64.rpm | 66 kB 00:00:01

(5umb7): openssl-1.0.2k-8.el7.x86_64.rpm | 492kB 00:00:02

(6 kB 7): openssh-server-7.4p1-13.el7_4.x86_64.rpm | 458 kB 00:00:03

(7ax 7): make-3.82-23.el7.x86_64.rpm | 420 kB 00:00:04

-

Total 403 kB/s | 1.9 MB 00:00:04

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Importing GPG key 0xF4A80EB5:

Userid: "CentOS-7 Key (CentOS 7 Official Signing Key)"

Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5

Package: centos-release-7-4.1708.el7.centos.x86_64 (@ CentOS)

From: / etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing: fipscheck-1.4.1-6.el7.x86_64 1 Compact 7

Installing: fipscheck-lib-1.4.1-6.el7.x86_64 2 Compact 7

Installing: openssh-7.4p1-13.el7_4.x86_64 3 Universe 7

Installing: 1:make-3.82-23.el7.x86_64 4 Compact 7

Installing: tcp_wrappers-libs-7.6-77.el7.x86_64 5 Universe 7

Installing: openssh-server-7.4p1-13.el7_4.x86_64 6 and 7

Installing: 1:openssl-1.0.2k-8.el7.x86_64 7/7

Verifying: fipscheck-lib-1.4.1-6.el7.x86_64 1 Compact 7

Verifying: 1:openssl-1.0.2k-8.el7.x86_64 2/7

Verifying: tcp_wrappers-libs-7.6-77.el7.x86_64 3 Universe 7

Verifying: fipscheck-1.4.1-6.el7.x86_64 4 Compact 7

Verifying: openssh-7.4p1-13.el7_4.x86_64 5 Universe 7

Verifying: openssh-server-7.4p1-13.el7_4.x86_64 6 and 7

Verifying: 1:make-3.82-23.el7.x86_64

Installed:

Openssh-server.x86_64 0:7.4p1-13.el7_4 openssl

Dependency Installed:

Fipscheck.x86_64 0VOR 1.4.1-6.el7 fipscheck-lib.x86_64 0RU 1.4.1-6.el7 make.x86_64 1RU 3.82-23.el7

Complete!

5. Execute / usr/sbin/sshd-D, error:

[root@f2595a1c0aae /] # / usr/sbin/sshd-D

Could not load host key: / etc/ssh/ssh_host_rsa_key

Could not load host key: / etc/ssh/ssh_host_ecdsa_key

Could not load host key: / etc/ssh/ssh_host_ed25519_key

Sshd: no hostkeys available-- exiting.

6. Execute the following three commands:

Ssh-keygen-Q-t rsa-b 2048-f / etc/ssh/ssh_host_rsa_key-N''

Ssh-keygen-Q-t ecdsa-f / etc/ssh/ssh_host_ecdsa_key-N''

Ssh-keygen-t dsa-f / etc/ssh/ssh_host_ed25519_key-N''

[root@f2595a1c0aae /] # ssh-keygen-Q-t rsa-b 2048-f / etc/ssh/ssh_host_rsa_key-N''

[root@f2595a1c0aae /] # ssh-keygen-Q-t ecdsa-f / etc/ssh/ssh_host_ecdsa_key-N''

[root@f2595a1c0aae /] # ssh-keygen-t dsa-f / etc/ssh/ssh_host_ed25519_key-N''

Generating public/private dsa key pair.

Your identification has been saved in / etc/ssh/ssh_host_ed25519_key.

Your public key has been saved in / etc/ssh/ssh_host_ed25519_key.pub.

The key fingerprint is:

SHA256:U9G/RvoqxZtn/9oTzTwba8t8b3P2KoTYQ7nbC9aD7M4 root@f2595a1c0aae

The key's randomart image is:

+-[DSA 1024]-+

|. | |

|. | |

|. . | |

| | .o o |

| | S+ + o +. |

| | .o = oonymo + + |

| | = * o = * |

| | + o.room.roomB= | |

| | .E.o * + X / | |

+-[SHA256]-+

7.vi / etc/ssh/sshd_config modify configuration file

Change UsePAM yes to UsePAM no

Change UsePrivilegeSeparation sandbox to UsePrivilegeSeparation no

8. Change password passwd root

[root@f2595a1c0aae /] # passwd root

Changing password for user root.

New password:

BAD PASSWORD: The password is shorter than 8 characters

Retype new password:

Passwd: all authentication tokens updated successfully.

9.exit exit Container

10. Execute the submit command to generate the image docker commit-m "add sshd"-a "kehaojian" f2595a1c0aae sshd_centos

[root@HA2 kehj] # docker commit-m "add sshd"-a "kehaojian" f2595a1c0aae sshd_centos

Sha256:0ece1cad37782006b4175fb6f7268aac206d8729b6a844eabdd × × 40e904f9a

11. Execute docker images

[root@HA2 kehj] # docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

Sshd_centos latest 0ece1cad3778 8 seconds ago 293.3 MB

Nginx-docker v1 20c4d11561d3 11 hours ago 451.1 MB

Docker.io/nginx latest f895b3fb9e30 2 weeks ago 108.5 MB

Docker.io/centos latest 3fa822599e10 3 weeks ago 203.5 MB

Docker.io/ubuntu latest 747cb2d60bbe 11 weeks ago 122 MB

twelve。 test

[kehj@HA2] $ssh root@localhost-p 10022

The authenticity of host'[localhost]: 10022 ([: 1]: 10022) 'can't be established.

ECDSA key fingerprint is SHA256:wFHqfr8EPuT5cUla5cllCBf0HQ5GnTmZruj0LQI8VRg.

ECDSA key fingerprint is MD5:74:6a:da:84:64:35:50:78:c8:9a:38:de:45:f3:71:16.

Are you sure you want to continue connecting (yes/no)? Yes

Warning: Permanently added'[localhost]: 10022'(ECDSA) to the list of known hosts.

Root@localhost's password:

[root@e14d9841c1e6 ~] #

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.