Access DNIF Container via SSH
Similar to any NIX server, the DNIF container also allows a user to login using SSH on a custom ssh (tcp/826) port. However, this is only possible from the host machine.
Login to your DNIF container
The first step is to login to the DNIF container.
- Open a terminal window on your host machine and ssh using the root user to the mapped ssh port i.e. tcp/826
$ssh [email protected] -p 826
Next, you shall get a prompt to enter you password where you have to enter the password as :
A new bash prompt should open up for you. This signifies that you now have access within the container. You can check out the console output below, which describes all the required commands to execute in sequence and their corresponding outputs:
root >docker-compose up -d Creating comp-dnif-a10 root >ssh [email protected] -p 826 [email protected]'s password: Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.10.0-35-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. [email protected]:~#
Understanding the connection between host machine and docker container
Docker container uses port 826 of the host machine. The host machine in turn connects over default SSH port 22 with the docker container via ssh port 826.
The recommended method to connect to your docker container is:
- First connect to the host machine via ssh port 22
- Then connect to the container via the host machine to ssh port 826 (see diagram above)
Change the login password of Docker container
You can also change the password for the container, but it will only be effective till the container is reset/restarted. Once the container is reset or restarted, then the container login password shall change back to the default password
tSV67BZ7bJKnme4 as per the original configuration.
Changing default SSH port of the container
We can’t change the Docker container SSH port, as port 826 is exposed during compilation of the container. If anyone changes SSH port from the sshd_config file, the port shall change but the user will be unable to login, as the port is unexposed.
Securing SSH connection
For a secured connection it is recommended to set UFW ( Unix Firewall ) rules to only allow authorised IP addresses to connect to Docker port 826 on host machine. This rule shall deny un-authorized accesses to the Docker. You can execute the queries below :-
$ufw default allow incoming $ufw deny in on eth0 to any port 826 proto tcp
Note : Where ‘eth0’ is the name of your NIC card.
[email protected]:/home/dnif/docker-compose/ATEN# ufw default allow incoming Default incoming policy changed to 'allow' (be sure to update your rules accordingly) [email protected]:/home/dnif/docker-compose/ATEN# ufw deny in on enp0s3 to any port 826 proto tcp Rules updated Rules updated (v6) [email protected]:/home/dnif/docker-compose/ATEN# ufw enable Command may disrupt existing ssh connections. Proceed with operation (y|n)? Y Firewall is active and enabled on system startup [email protected]:/home/dnif/docker-compose/ATEN# ufw status Status: active To Action From -- ------ ---- 826/tcp on enp0s3 DENY Anywhere 826/tcp (v6) on enp0s3 DENY Anywhere (v6)
Need more than just text help? Watch a walkthrough video for accessing your Docker container below :