用commit方式构建具有sshd服务的centos镜像-创新互联

1.从远程仓库中pull centos镜像

网站建设哪家好,找成都创新互联公司!专注于网页设计、网站建设、微信开发、小程序开发、集团企业网站建设等服务项目。为回馈新老客户创新互联还提供了兴宁免费建站欢迎大家使用!

docker pull centos

2.查询镜像docker images

[root@HA2 kehj]# docker images

REPOSITORY      TAG         IMAGE ID       CREATED       SIZE

nginx-docker     v1          20c4d11561d3     11 hours ago     451.1 MB

docker.io/nginx   latest        f895b3fb9e30     2 weeks ago     108.5 MB

docker.io/centos   latest        3fa822599e10     3 weeks ago     203.5 MB

docker.io/ubuntu   latest        747cb2d60bbe     11 weeks ago     122 MB

3.启动centos容器 docker run -i -t centos /bin/bash

[root@HA2 kehj]# docker run -i -t centos /bin/bash

[root@f2595a1c0aae /]#

4.安装sshd服务

[root@f2595a1c0aae /]# yum install passwd openssl openssh-server -y

Loaded plugins: fastestmirror, ovl

base                                             | 3.6 kB  00:00:00

extras                                            | 3.4 kB  00:00:00

updates                                            | 3.4 kB  00:00:00

(1/4): extras/7/x86_64/primary_db                               | 145 kB  00:00:01

(2/4): base/7/x86_64/group_gz                                 | 156 kB  00:00:01

(3/4): updates/7/x86_64/primary_db                              | 4.6 MB  00:00:15

(4/4): base/7/x86_64/primary_db                                | 5.7 MB  00:00:23

Determining fastest mirrors

* base: mirrors.163.com

* extras: mirrors.163.com

* updates: mirrors.163.com

Package passwd-0.79-4.el7.x86_64 already installed and latest version

Resolving Dependencies

--> Running transaction check

---> Package openssh-server.x86_64 0:7.4p1-13.el7_4 will be installed

--> Processing Dependency: openssh = 7.4p1-13.el7_4 for package: openssh-server-7.4p1-13.el7_4.x86_64

--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-7.4p1-13.el7_4.x86_64

--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-7.4p1-13.el7_4.x86_64

--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-7.4p1-13.el7_4.x86_64

---> Package openssl.x86_64 1:1.0.2k-8.el7 will be installed

--> Processing Dependency: make for package: 1:openssl-1.0.2k-8.el7.x86_64

--> Running transaction check

---> Package fipscheck-lib.x86_64 0:1.4.1-6.el7 will be installed

--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-6.el7.x86_64

---> Package make.x86_64 1:3.82-23.el7 will be installed

---> Package openssh.x86_64 0:7.4p1-13.el7_4 will be installed

---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed

--> Running transaction check

---> Package fipscheck.x86_64 0:1.4.1-6.el7 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================

Package              Arch          Version             Repository        Size

====================================================================================================================

Installing:

openssh-server          x86_64         7.4p1-13.el7_4         updates         458 k

openssl              x86_64         1:1.0.2k-8.el7         base          492 k

Installing for dependencies:

fipscheck             x86_64         1.4.1-6.el7           base           21 k

fipscheck-lib           x86_64         1.4.1-6.el7           base           11 k

make               x86_64         1:3.82-23.el7          base          420 k

openssh              x86_64         7.4p1-13.el7_4         updates         509 k

tcp_wrappers-libs         x86_64         7.6-77.el7           base           66 k

Transaction Summary

====================================================================================================================

Install  2 Packages (+5 Dependent packages)

Total download size: 1.9 M

Installed size: 4.9 M

Downloading packages:

warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-lib-1.4.1-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY

Public key for fipscheck-lib-1.4.1-6.el7.x86_64.rpm is not installed

(1/7): fipscheck-lib-1.4.1-6.el7.x86_64.rpm                          |  11 kB  00:00:00

(2/7): fipscheck-1.4.1-6.el7.x86_64.rpm                            |  21 kB  00:00:00

Public key for openssh-7.4p1-13.el7_4.x86_64.rpm is not installed         ] 206 kB/s | 681 kB  00:00:06 ETA

(3/7): openssh-7.4p1-13.el7_4.x86_64.rpm                           | 509 kB  00:00:01

(4/7): tcp_wrappers-libs-7.6-77.el7.x86_64.rpm                        |  66 kB  00:00:01

(5/7): openssl-1.0.2k-8.el7.x86_64.rpm                            | 492 kB  00:00:02

(6/7): openssh-server-7.4p1-13.el7_4.x86_64.rpm                        | 458 kB  00:00:03

(7/7): make-3.82-23.el7.x86_64.rpm                              | 420 kB  00:00:04

--------------------------------------------------------------------------------------------------------------------

Total                                        403 kB/s | 1.9 MB  00:00:04

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Importing GPG key 0xF4A80EB5:

Userid   : "CentOS-7 Key (CentOS 7 Official Signing Key) "

Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5

Package   : centos-release-7-4.1708.el7.centos.x86_64 (@CentOS)

From    : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing : fipscheck-1.4.1-6.el7.x86_64                                   1/7

Installing : fipscheck-lib-1.4.1-6.el7.x86_64                                 2/7

Installing : openssh-7.4p1-13.el7_4.x86_64                                   3/7

Installing : 1:make-3.82-23.el7.x86_64                                     4/7

Installing : tcp_wrappers-libs-7.6-77.el7.x86_64                                5/7

Installing : openssh-server-7.4p1-13.el7_4.x86_64                               6/7

Installing : 1:openssl-1.0.2k-8.el7.x86_64                                   7/7

Verifying  : fipscheck-lib-1.4.1-6.el7.x86_64                                 1/7

Verifying  : 1:openssl-1.0.2k-8.el7.x86_64                                   2/7

Verifying  : tcp_wrappers-libs-7.6-77.el7.x86_64                                3/7

Verifying  : fipscheck-1.4.1-6.el7.x86_64                                   4/7

Verifying  : openssh-7.4p1-13.el7_4.x86_64                                   5/7

Verifying  : openssh-server-7.4p1-13.el7_4.x86_64                               6/7

Verifying  : 1:make-3.82-23.el7.x86_64

Installed:

openssh-server.x86_64 0:7.4p1-13.el7_4                                    openssl

Dependency Installed:

fipscheck.x86_64 0:1.4.1-6.el7      fipscheck-lib.x86_64 0:1.4.1-6.el7      make.x86_64 1:3.82-23.el7

Complete!

5.执行 /usr/sbin/sshd -D,报错:

[root@f2595a1c0aae /]# /usr/sbin/sshd -D

Could not load host key: /etc/ssh/ssh_host_rsa_key

Could not load host key: /etc/ssh/ssh_host_ecdsa_key

Could not load host key: /etc/ssh/ssh_host_ed25519_key

sshd: no hostkeys available -- exiting.

6.执行以下三条命令:

ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''

ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''

ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key  -N ''

[root@f2595a1c0aae /]# ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''

[root@f2595a1c0aae /]# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''

[root@f2595a1c0aae /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key  -N ''

Generating public/private dsa key pair.

Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.

Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.

The key fingerprint is:

SHA256:U9G/RvoqxZtn/9oTzTwba8t8b3P2KoTYQ7nbC9aD7M4 root@f2595a1c0aae

The key's randomart image is:

+---[DSA 1024]----+

|      ..   |

|      ..   |

|      .. .  |

|     .o  o  |

|     S+ + o +.|

|     .o=o= o++|

|      =*o=  *|

|     +o.=.*B=|

|     .E.o*+X/|

+----[SHA256]-----+

7.vi /etc/ssh/sshd_config 修改配置文件

UsePAM yes 修改为 UsePAM no

UsePrivilegeSeparation sandbox 修改改为 UsePrivilegeSeparation no

8.修改密码passwd root

[root@f2595a1c0aae /]# passwd root

Changing password for user root.

New password:

BAD PASSWORD: The password is shorter than 8 characters

Retype new password:

passwd: all authentication tokens updated successfully.

9.exit退出容器

10.执行提交命令,生成镜像 docker commit -m "add sshd" -a "kehaojian" f2595a1c0aae  sshd_centos

[root@HA2 kehj]# docker commit -m "add sshd" -a "kehaojian" f2595a1c0aae  sshd_centos

sha256:0ece1cad37782006b4175fb6f7268aac206d8729b6a844eabdd×××40e904f9a

11.执行docker images

[root@HA2 kehj]# docker images

REPOSITORY      TAG         IMAGE ID       CREATED       SIZE

sshd_centos     latest        0ece1cad3778     8 seconds ago    293.3 MB

nginx-docker     v1          20c4d11561d3     11 hours ago     451.1 MB

docker.io/nginx   latest        f895b3fb9e30     2 weeks ago     108.5 MB

docker.io/centos   latest        3fa822599e10     3 weeks ago     203.5 MB

docker.io/ubuntu   latest        747cb2d60bbe     11 weeks ago     122 MB

12.测试

[kehj@HA2 ~]$ ssh root@localhost -p 10022

The authenticity of host '[localhost]:10022 ([::1]:10022)' can't be established.

ECDSA key fingerprint is SHA256:wFHqfr8EPuT5cUla5cllCBf0HQ5GnTmZruj0LQI8VRg.

ECDSA key fingerprint is MD5:74:6a:da:84:64:35:50:78:c8:9a:38:de:45:f3:71:16.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '[localhost]:10022' (ECDSA) to the list of known hosts.

root@localhost's password:

[root@e14d9841c1e6 ~]#

另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。


本文名称:用commit方式构建具有sshd服务的centos镜像-创新互联
标题来源:http://hbruida.cn/article/dehose.html