September 26, 20205 yr Application Name: Openssh-server Application Site: https://www.openssh.com/ Docker Hub: https://hub.docker.com/r/linuxserver/openssh-server/ Github: https://github.com/linuxserver/docker-openssh-server Please post any questions/issues relating to this docker you have in this thread. If you are not using Unraid (and you should be!) then please do not post here, rather use the linuxserver.io forum for support.
May 4, 20215 yr How can this be configured to listen on multiple ports? It seems to ignore /etc/ssh/sshd_config
May 5, 20215 yr 20 hours ago, jj_uk said: How can this be configured to listen on multiple ports? It seems to ignore /etc/ssh/sshd_config It can't. Setup multiple containers if you want more servers.
May 5, 20215 yr Thanks for the reply. It's not possible at the moment, but if this https://github.com/linuxserver/docker-openssh-server/pull/42#issuecomment-832987767 gets merged, it will be possible to open multiple ports easily by forwarding any required ports in the template, and adding them to a 'OPENSSH_PORT_STRING' variable.
May 6, 20215 yr 9 hours ago, jj_uk said: Thanks for the reply. It's not possible at the moment, but if this https://github.com/linuxserver/docker-openssh-server/pull/42#issuecomment-832987767 gets merged, it will be possible to open multiple ports easily by forwarding any required ports in the template, and adding them to a 'OPENSSH_PORT_STRING' variable. Why do you need multiple ports? The container can't handle multiple users, so I don't see the value. If you read aptalcas comment, you can see that you can do this with the customizing option we have in our containers. Edited May 6, 20215 yr by saarg
May 8, 20215 yr What i'm trying to achieve is to set the ssh-server up so that it can be used as a tunnel to several raspberry pi's that are behind routers on different networks. From each device, create and copy key to openssh-server: User 1 ssh-keygen -t rsa -b 2048 -E sha512 ssh-copy-id user1@<duckdns to unraid> -p 2222 Add to startup: sudo autossh -M 0 -q -T -N -i /home/user1/.ssh/id_rsa -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 12345:localhost:22 user1@<duckdns to unraid> -p 2222 User 2 ssh-keygen -t rsa -b 2048 -E sha512 ssh-copy-id user2@duckdns to unraid> -p 2222 Add to startup: sudo autossh -M 0 -q -T -N -i /home/user2/.ssh/id_rsa -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 12345:localhost:22 user2@<duckdns to unraid> -p 2222 But as the container only has one user/password, so can't copy the key for the 2nd user. Is there a config file in openssh-server that can be used to set up multiple users on the server?
May 8, 20215 yr 1 hour ago, jj_uk said: What i'm trying to achieve is to set the ssh-server up so that it can be used as a tunnel to several raspberry pi's that are behind routers on different networks. From each device, create and copy key to openssh-server: User 1 ssh-keygen -t rsa -b 2048 -E sha512 ssh-copy-id user1@<duckdns to unraid> -p 2222 Add to startup: sudo autossh -M 0 -q -T -N -i /home/user1/.ssh/id_rsa -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 12345:localhost:22 user1@<duckdns to unraid> -p 2222 User 2 ssh-keygen -t rsa -b 2048 -E sha512 ssh-copy-id user2@duckdns to unraid> -p 2222 Add to startup: sudo autossh -M 0 -q -T -N -i /home/user2/.ssh/id_rsa -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 12345:localhost:22 user2@<duckdns to unraid> -p 2222 But as the container only has one user/password, so can't copy the key for the 2nd user. Is there a config file in openssh-server that can be used to set up multiple users on the server? Our containers are not multi user. Why not set up multiple containers?
May 8, 20215 yr At the moment, there are 3 remote devices, but if successful, I can see that growing to probably 20 devices. So, my options are linux VM or a basic linux container that I can add users to.
May 8, 20215 yr 12 minutes ago, jj_uk said: At the moment, there are 3 remote devices, but if successful, I can see that growing to probably 20 devices. So, my options are linux VM or a basic linux container that I can add users to. While visually unappealing in the list, multiple containers are very resource friendly, as the bits are reused across all the containers. Being able to manage them as separate entities but still use virtually the same amount of space as a single container is the upside of using granular containers.
May 8, 20215 yr 1 hour ago, jonathanm said: While visually unappealing in the list, multiple containers are very resource friendly, as the bits are reused across all the containers. Being able to manage them as separate entities but still use virtually the same amount of space as a single container is the upside of using granular containers. Ok i'll try this. It would be good if dockers could be placed into minimizable groups to avoid the visually unappealing aspect. Edited May 8, 20215 yr by jj_uk
May 9, 20215 yr 6 hours ago, jj_uk said: It would be good if dockers could be placed into minimizable groups to avoid the visually unappealing aspect.
August 7, 20214 yr I am trying to use this docker to set up a reverse SSH tunnel so I can access remote hosts that are behind NAT. But no matter what I always get this error and the tunnel is not created: pi@piaware:~ $ ssh -i ~/.ssh/my_key -R 10022:localhost:2222 [email protected] -p 2222 Warning: remote port forwarding failed for listen port 10022 Welcome to OpenSSH Server 758869fae143:~$ I tested creating a reverse SSH tunnel to a normal Ubuntu host and it worked fine. Where I am I going wrong with the docker?
August 28, 20214 yr Looks like using a ssh key pair is not working? Added my public key file using the specific variable and double checked its addition via /config/.ssh/authorized_keys by connecting to the console which looks to have been added. However using both putty from Windows or my ssh app on my ipad gives me an the error that no authentication method error. I took the same public key and added it to a raspberry pi I used for various testing of things. Once it was added I then tried the same two apps to connect and both immediately worked. Is there a setting that needs to be changed in the /config folder to allow authentication via key files? Tried even using ssh from within the container to login using the same username and I get the same error when specifying the key. Edited August 28, 20214 yr by texanman
November 10, 20214 yr Hi, I have been using this docker on unRAID for a while now. I intended to install a second instance of the docker but when searching for it in the APP section I can't find it. It seems as if this docker has been removed from the unRAID repository? Is it removed or have I made some error? And if it's removed then why? Regards
November 10, 20214 yr On 8/28/2021 at 10:08 PM, texanman said: Looks like using a ssh key pair is not working? Added my public key file using the specific variable and double checked its addition via /config/.ssh/authorized_keys by connecting to the console which looks to have been added. However using both putty from Windows or my ssh app on my ipad gives me an the error that no authentication method error. I took the same public key and added it to a raspberry pi I used for various testing of things. Once it was added I then tried the same two apps to connect and both immediately worked. Is there a setting that needs to be changed in the /config folder to allow authentication via key files? Tried even using ssh from within the container to login using the same username and I get the same error when specifying the key. Hi. I have managed to get certificate based authentication working. The client that is supposed to connect shall use the private key not the public key.
November 10, 20214 yr On 8/28/2021 at 10:08 PM, texanman said: Looks like using a ssh key pair is not working? Added my public key file using the specific variable and double checked its addition via /config/.ssh/authorized_keys by connecting to the console which looks to have been added. However using both putty from Windows or my ssh app on my ipad gives me an the error that no authentication method error. I took the same public key and added it to a raspberry pi I used for various testing of things. Once it was added I then tried the same two apps to connect and both immediately worked. Is there a setting that needs to be changed in the /config folder to allow authentication via key files? Tried even using ssh from within the container to login using the same username and I get the same error when specifying the key. If you changed the parameter "Password Access" to false it means that password authentication is then disabled. If you then try to connect with a client that doesn't use a certificate to authenticate then you will get the "no authentication method" error. If using putty to connect you need to setup putty to use the private key when connecting and also if you used a password to protect the certificates with (entered during creation) you need to enter the same password to putty, if not then putty will not be able to use the certificate. Good luck.
January 28, 20224 yr How does this openssh container avoid the "chroot" before ssh authentication? I tried to create a container from a ubuntu 18.04 base image and install openssh-server inside the container so that I can ssh into the container. However, my seccomp rule does not allow syscal "chroot" and I get this error log "fatal: chroot("/run/sshd"): Operation not permitted [preauth]" from /var/log/auth.log. This error indicates that ssh-server tries to run "chroot" before authentication (ssh client log shows "connection reset" before authentication) but failed because of permission issue. I also tried openssh container image without providing "chroot" in seccomp but I have no issue. I access into the openssh container as root and tried to manually run "chroot" and I have no permission to do that. This tells me that ssh-server inside openssh container does not run "chroot" when establishing the connection. 1. Why does openssh-server try to chroot to /run/sshd inside ubuntu container? This "chroot" before authentication is different from the "chroot" that could be ran after authentication and can be configed inside /etc/ssh/sshd_config file. 2. What is the change that ssh-server, inside openssh container, have made to avoid using "chroot"? Thanks
June 11, 20224 yr I can't seem to find this container within the Apps section in Unraid. It's still available from DockerHub. Has the template for Unraid been removed for some reason?
July 23, 20223 yr On 6/11/2022 at 1:55 PM, Darkguy said: I can't seem to find this container within the Apps section in Unraid. It's still available from DockerHub. Has the template for Unraid been removed for some reason? Same question here. I just uploaded a version of it using the repository version as base: https://github.com/linuxserver/docker-templates/blob/master/linuxserver.io/openssh-server.xml It's working perfectly so far and available in the Community Applications tab. Edited July 23, 20223 yr by djismgaming
July 24, 20223 yr Is there a way to use the docker mod linuxserver/mods:universal-cloudflared with this container to have SSH access via CGNAT? I tried with my version and get repeating error: s6-envuidgid: fatal: unknown user: abc I've seen this user "abc" in other linuxserver docker containers. Edited July 24, 20223 yr by djismgaming
November 2, 20223 yr On 8/7/2021 at 7:13 PM, absolute_badger said: I am trying to use this docker to set up a reverse SSH tunnel so I can access remote hosts that are behind NAT. But no matter what I always get this error and the tunnel is not created: pi@piaware:~ $ ssh -i ~/.ssh/my_key -R 10022:localhost:2222 [email protected] -p 2222 Warning: remote port forwarding failed for listen port 10022 Welcome to OpenSSH Server 758869fae143:~$ I tested creating a reverse SSH tunnel to a normal Ubuntu host and it worked fine. Where I am I going wrong with the docker? Hi all, I have exactly the same problem, trying to achieve exactly the same thing. Is there any solution? @absolute_badger, have you managed to setup a reverse SSH tunnel after all ? With thanks, OP
November 3, 20223 yr On 8/7/2021 at 7:13 PM, absolute_badger said: I am trying to use this docker to set up a reverse SSH tunnel so I can access remote hosts that are behind NAT. But no matter what I always get this error and the tunnel is not created: pi@piaware:~ $ ssh -i ~/.ssh/my_key -R 10022:localhost:2222 [email protected] -p 2222 Warning: remote port forwarding failed for listen port 10022 Welcome to OpenSSH Server 758869fae143:~$ I tested creating a reverse SSH tunnel to a normal Ubuntu host and it worked fine. Where I am I going wrong with the docker? Folks at linuxserver.io actually made a mod to enable reverse ssh tunneling: https://github.com/linuxserver/docker-mods/tree/openssh-server-ssh-tunnel To use it, you should add the following variable: DOCKER_MODS=linuxserver/mods:openssh-server-ssh-tunnel as well as an extra port (the 10022 forwarding port in your case) to your docker container configuration. With regards, OP
July 10, 20232 yr Good Day, perhaps you have an idea what my problem could be. I successfully connected to the the openssh server, but i have no file access. Nowhere in the docker container, even not in folder I specifically shared with read/write permissions. Do you have a clue what the issue might be?
July 9, 20241 yr Anyone know if there's a chance of an update to OpenSSH in this image? Has it been abandoned?
May 12, 20251 yr I've been using this docker container for a while, but it stopped working for me a while back. I get a connection refused error. I didn't make any changes to the docker container settings between it working and not working. What can I do?
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.