Dockssh, ssh into any container from anywhere

• For learning and fun
• Wasting some free time in my weekend :D
• For testing/staging/development environments

• Dockssh running on port 22022 on host example.com
• A user connects to container1 using dockssh from remote computer i.e ssh -p 22022 [email protected]
• Dockssh checks if the user provided password is the same as the one stored in redis key dockssh:container1:pass
• On success, Dockssh will open a PTY (pseudotty) to docker exec -it container1 /bin/sh

• No configurations files
• Simple & tiny
• Makes Dockssh loads configurations in realtime, no need to restart

• Linux
• Docker
• Redis

Download the binary from here

You need to get the dependencies using the command: go get github.com/alash3al/dockssh

On the host machine:

• Install Redis using the commands:
  Debian: sudo apt install redis
  RHEL: sudo yum install redis
• Create a container for testing, I will name it TestCont:
  sudo docker create --name TestCont -it ubuntu:latest bash
• Start the container:
  sudo docker start TestCont
• Set a password for the container over SSH:
  redis-cli set dockssh:TestCont:pass "mypass"
• Download the latest Dockssh binary from here.
• Rename the file to dockssh.
• Make it executable:
  chmod 775 dockssh
• Make sure to open the port in the firewall:
  sudo ufw allow 22022
• Run the server:
  ./dockssh
• You should see a message:
  Now listening on port: 22022

On the remote machine:

• Connect to your container:
  ssh TestCont@host_ip_address -p 22022
• Enter yes.
• Enter your password and press Enter.

You can make a service to run the dockssh in background

• Firlstly go to /etc/systemd/system:
  cd /etc/systemd/system
• Create a file named dockssh.service:
  sudo nano dockssh.service
• Paste the following code:
  

  [Unit]
  Description=Dockssh Service to listen for connections
  After=network.target
  
  [Service]
  type=simple
  Restart=always
  RestartSec=1
  User=root
  ExecStart=/root/dockssh
  
  [Install]
  WantedBy=multi-user.target
  

• Save the file with Ctrl+O then hit Enter
• Enable the service file:
  sudo systemctl enable dockssh.service
• Start the service:
  sudo systemctl start dockssh
• Make sure the service has started successfully:
  sudo systemctl status dockssh
  You should see something like:
  

  dockssh.service - Dockssh Service to listen for connections
  Loaded: loaded (/etc/systemd/system/dockssh.service; enabled; vendor preset: enabled)
  Active: active (running) since Wed 2020-01-08 04:40:36 UTC; 6h ago
  Main PID: 16132 (dockssh)
  Tasks: 17 (limit: 1109)
  CGroup: /system.slice/dockssh.service
         ├─16132 /root/dockssh
         └─16556 docker exec -it test2 bash
  

• Enjoy ^^