Initial custom-ssh-server Dockerfile

.gitignore

@@ -0,0 +1,4 @@
+/ssh-keys/id_ed25519
+/ssh-keys/id_ed25519.ppk
+/ssh-keys/id_rsa
+/ssh-keys/id_rsa.ppk

Dockerfile

@@ -0,0 +1,19 @@
+# Use the Alpine Linux base image
+FROM alpine:latest
+
+# Install OpenSSH and other utilities
+RUN apk update && \
+    apk add --no-cache openssh bash
+
+# Copy the custom script, sshd_config, and host keys
+COPY setup-ssh-user.sh /usr/local/bin/
+COPY ssh-host-keys/* /etc/ssh/
+COPY ssh-keys/*.pub /ssh-keys/
+COPY sshd_config /etc/ssh/
+RUN chmod +x /usr/local/bin/setup-ssh-user.sh
+
+# Expose SSH port
+EXPOSE 22
+
+# Set the script as the entrypoint and make it executable
+ENTRYPOINT ["/usr/local/bin/setup-ssh-user.sh"]

LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) [2023] [Hariprasath Ravichandran]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,73 @@
+# Custom SSH Server Docker Setup
+
+This repository contains a Docker setup for creating a custom SSH server based on Alpine Linux. The setup includes the ability to use static SSH host keys, configure SSH key and password authentication, and set up user-specific SSH key pairs.
+
+## Table of Contents
+
+- [Custom SSH Server Docker Setup](#custom-ssh-server-docker-setup)
+  - [Table of Contents](#table-of-contents)
+  - [Introduction](#introduction)
+  - [Prerequisites](#prerequisites)
+  - [Getting Started](#getting-started)
+  - [Usage](#usage)
+  - [Customization](#customization)
+  - [License](#license)
+
+## Introduction
+
+This project provides a Dockerized environment for creating a custom SSH server with the following features:
+
+- SSH key and password authentication
+- User-specific SSH key pair generation
+
+## Prerequisites
+
+Before you begin, ensure you have the following installed:
+
+- Docker: Follow the official [Docker installation guide](https://docs.docker.com/get-docker/) to install Docker on your system.
+
+## Getting Started
+
+1. **Clone the Repository**:
+
+   Clone this repository to your local machine:
+
+   ```bash
+   git clone https://github.com/haravich/custom-ssh-server.git
+   cd custom-ssh-server
+   ```
+
+2. **Customize Configuration**:
+
+    Modify the setup-ssh-user.sh script to customize user creation and SSH key settings.
+    Place your public key in the ssh-keys directory (needed).
+    Customize the sshd_config file to adjust SSH server settings.
+
+3. **Build and Run**:
+
+    Build the Docker image and run the container:
+
+    ```bash
+    docker build -t custom-ssh-server .
+    docker run -d -p 2222:22 -e SSH_USER=<desired_username> -e SSH_PASSWORD=<desired_password> custom-ssh-server
+    ```
+    Replace <desired_username> and <desired_password> with appropriate values.
+
+## Usage
+
+To connect to the SSH server:
+
+```bash
+ssh -i /path/to/private_key_file -p 2222 <desired_username>@localhost
+```
+Replace /path/to/private_key_file and <desired_username> with appropriate values.
+
+## Customization
+* Adjust the SSH server settings in the sshd_config file.
+* Customize the setup-ssh-user.sh script to modify user creation.
+
+## License
+This project is licensed under the [MIT License](LICENSE.md). See the [LICENSE.md](LICENSE.md) file for details.
+```
+Copy and paste this Markdown content into a file named README.md in the root of your repository. Feel free to adjust the formatting and content as needed for your project.
+```

setup-ssh-user.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Fetch username, password, and public key from environment variables
+SSH_USER="${SSH_USER:-}"
+SSH_PASSWORD="${SSH_PASSWORD:-}"
+SSH_PUBLIC_KEY="$(cat /ssh-keys/*.pub)"
+
+# Check if both username, password and public key are provided
+if [ -z "$SSH_USER" ] || [ -z "$SSH_PASSWORD" ] || [ -z "$SSH_PUBLIC_KEY" ]; then
+    echo "SSH_USER, SSH_PASSWORD and SSH_PUBLIC_KEY environment variables must be set."
+    exit 1
+fi
+
+# Create the user and set up password or public key authentication
+adduser -D -s /bin/bash "$SSH_USER"
+echo "$SSH_USER:$SSH_PASSWORD" | chpasswd
+mkdir -p /home/"$SSH_USER"/.ssh
+if [ -n "$SSH_PUBLIC_KEY" ]; then
+    echo "$SSH_PUBLIC_KEY" >> /home/"$SSH_USER"/.ssh/authorized_keys
+    chown -R "$SSH_USER":"$SSH_USER" /home/"$SSH_USER"/.ssh
+    chmod 700 /home/"$SSH_USER"/.ssh
+    chmod 600 /home/"$SSH_USER"/.ssh/authorized_keys       
+fi
+
+chmod 644 /etc/ssh/*.pub
+chmod 600 /etc/ssh/*_key
+
+# Start SSH service in the foreground
+/usr/sbin/sshd -D

ssh-host-keys/ssh_host_ecdsa_key

@@ -0,0 +1,9 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
+1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQT9lKQn1eBAQeffjitvXQBHcKTn8EmR
+rKEoABVKr00SberhCk3FxGKIiwuBDiQQbzgiHYAmelWIvWJeNvkxO0aTAAAAsMP8UW/D/F
+FvAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP2UpCfV4EBB59+O
+K29dAEdwpOfwSZGsoSgAFUqvTRJt6uEKTcXEYoiLC4EOJBBvOCIdgCZ6VYi9Yl42+TE7Rp
+MAAAAgfZtVjhB94Po0oo+GIadGJ5/5vcfvNdn7SL1pG0STLcsAAAARcm9vdEBjODA5YTZj
+YmZhODQBAgMEBQYH
+-----END OPENSSH PRIVATE KEY-----

ssh-host-keys/ssh_host_ecdsa_key.pub

@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP2UpCfV4EBB59+OK29dAEdwpOfwSZGsoSgAFUqvTRJt6uEKTcXEYoiLC4EOJBBvOCIdgCZ6VYi9Yl42+TE7RpM= hostkey@local

ssh-host-keys/ssh_host_ed25519_key

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBlo11irthdlZEmtd7LoyEdQI/8MVefLvJLQHhLtTyZBgAAAJgHO2/ZBztv
+2QAAAAtzc2gtZWQyNTUxOQAAACBlo11irthdlZEmtd7LoyEdQI/8MVefLvJLQHhLtTyZBg
+AAAEDovpuplk1uypclx8P1L4aBa1qzZJw3WnQOMzY9hqxj3WWjXWKu2F2VkSa13sujIR1A
+j/wxV58u8ktAeEu1PJkGAAAAEXJvb3RAYzgwOWE2Y2JmYTg0AQIDBA==
+-----END OPENSSH PRIVATE KEY-----

ssh-host-keys/ssh_host_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWjXWKu2F2VkSa13sujIR1Aj/wxV58u8ktAeEu1PJkG hostkey@local

ssh-host-keys/ssh_host_rsa_key

@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEAytdldd1tDt4EGfd+cwZWMmiCPE07c2cKLEAoNNIQhicUdjf6vovJ
+23C7SBwaNqj9kG8nqsvOx/nEGk53NdTM819Ic4j7HAsANp5kEsFkFCMBaVY2gkFaVzpqqm
+gXr9WJCALvwVMO8Nceo2ic2fUQmy+ObCiu+l3ap+/pUtlCLJej2MB59QA4Oi3SGvUQWgCZ
+P6aGfnaRi6hlozxWkamTs3MFrD0XPunqcpgKQtw/otjLc7OZ1b0P0Qc1wRGHZIQJdHpwkq
+Sm0R83Qw+IXDHLYKDaVuRReYHHSmOdfprg4la4k8Kgggb+PWVQoDOAu+GKEbIFlrtBQHY3
+cnxBKLmsK49h7bzxjUsCMMOlupbNYy/Wldb3NLFsXRVPeNWPY2uLUDUA5KlEdr3NO6K9h5
+Fks9SLVCUQIc0UOY3GIUihU2IG7NHh/iNA/wMtUTfjOvT6weg4xK07bIaFnvxPo2ucYQHg
+ErI78lj99Cr+fIhthIWwoX+1r3WdTHawpni6Z9vTAAAFiIBJZo+ASWaPAAAAB3NzaC1yc2
+EAAAGBAMrXZXXdbQ7eBBn3fnMGVjJogjxNO3NnCixAKDTSEIYnFHY3+r6Lydtwu0gcGjao
+/ZBvJ6rLzsf5xBpOdzXUzPNfSHOI+xwLADaeZBLBZBQjAWlWNoJBWlc6aqpoF6/ViQgC78
+FTDvDXHqNonNn1EJsvjmworvpd2qfv6VLZQiyXo9jAefUAODot0hr1EFoAmT+mhn52kYuo
+ZaM8VpGpk7NzBaw9Fz7p6nKYCkLcP6LYy3OzmdW9D9EHNcERh2SECXR6cJKkptEfN0MPiF
+wxy2Cg2lbkUXmBx0pjnX6a4OJWuJPCoIIG/j1lUKAzgLvhihGyBZa7QUB2N3J8QSi5rCuP
+Ye288Y1LAjDDpbqWzWMv1pXW9zSxbF0VT3jVj2Nri1A1AOSpRHa9zTuivYeRZLPUi1QlEC
+HNFDmNxiFIoVNiBuzR4f4jQP8DLVE34zr0+sHoOMStO2yGhZ78T6NrnGEB4BKyO/JY/fQq
+/nyIbYSFsKF/ta91nUx2sKZ4umfb0wAAAAMBAAEAAAGAQbexjpNTzxpNN+CAnmGyMZi8gS
+8AkO4UVKvgmuRoKB6nOXn/ihaeKrOGaeF4+LadmFr6/hIUB6Q7Tc6YPt+YG02GmrAJs1c5
+FXkRsSXo98Ezpt4gwOjNjS9G+bjJ29USFX9mEDuJvqvjqEuvbcpBPBYXTaGMt18LBZfr/0
+SWdP4YPpR1rtQIY4kO5l75kj9ZZ07bikN9+kJv04gr//tx+BTPBLOyQVbl94Sc5naXQ3p7
+yBurPp2Hb1CnsMquE/nWxnTgmZCl5Gz6t98qqoQVEZzgIHoplwJKY9XB28XgaRxk7y9LS/
+Iy8Dcl6R1GGkhKEw5J33XWLFq7caBMmLOdgIuRlMm+esTIWa/r9OB5YycvN45hcw0ht3HT
+O87NPhudiBe4SsTk1rLJXmjal3hqhxNfLpLR+OKzafSiFsdUMRIEfL418IgqzVVffIoVPY
+RrxmmBn+WfrXROweih+Gj5CqNqvKwPpPuxIzni6YrKCV6/Yt2hAiruMQobb8BmclopAAAA
+wH88SNaRVLAjBhABsfFWN6b+SSpD1EmGo7iN8k9v/imHmachHCbJbnvgkwO4hECTuaKm2w
+r2PA/3uhhrcOHF3/MVa2wMtc8cq+Qidh6EajjUenB+/KGDoFoRlDd8T92duApwNj6XkNo2
+Vw8B3vI4GpjBm1DozofvCYEJVJY8R4IFpqG1O5jrIAzuaVK7HdxpRsBUfpl81H5z57kUIZ
+5N3tl1DUCIyo09b9jmA3RtVqqpDzyhion3+bK3ZbJ2cGvkkAAAAMEA8bH0Subn7hVZvrzq
+trx7LSSPLMa+hf2lpk4BBdCSq4HK+QbHEzYJmoFpOhgbPDYCzVDu+AY8X03Xtv8x/AM8ST
+TBbMqLWMI1sY1LYnl+tBp4mL9hFKQSZfjzasc2egnU3y/JhwTShj38xbN4V+iHqcfiaAx+
+SeZNeVSdvVtUw92Iyr10i8j0OI9fjWyg/B1ZqGOGQl75KmjUT9dD/Kz87EJLphoBDPhNYh
+AtSfw1ZfhqJ5JgSjSM10jXVjVQerZ/AAAAwQDW2L/RCjpVpq9jxWCI4wveDWlHJQMf7znv
+BvEgq8aWphNDOTWLDyIoS/CPDKLu1xW/w2Ae4quPp9DU/dWRVdksZ8qW38S2JyBC4JX3jy
+fXeoS3yHI3Es3JfmWDBIhU7eBOTlwSkziErkGDl5sfWMhngI7O3tkBbb9gVfLahhHmYjJc
+EGqd0NyLnRBhERsdPo3JbzAM9G3wUs/Yn2Lnux748dDHa5SMk3WEmdhORQqgol2LoErx30
+rJ1nGwF4yReK0AAAARcm9vdEBjODA5YTZjYmZhODQBAg==
+-----END OPENSSH PRIVATE KEY-----

ssh-host-keys/ssh_host_rsa_key.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDK12V13W0O3gQZ935zBlYyaII8TTtzZwosQCg00hCGJxR2N/q+i8nbcLtIHBo2qP2Qbyeqy87H+cQaTnc11MzzX0hziPscCwA2nmQSwWQUIwFpVjaCQVpXOmqqaBev1YkIAu/BUw7w1x6jaJzZ9RCbL45sKK76Xdqn7+lS2UIsl6PYwHn1ADg6LdIa9RBaAJk/poZ+dpGLqGWjPFaRqZOzcwWsPRc+6epymApC3D+i2Mtzs5nVvQ/RBzXBEYdkhAl0enCSpKbRHzdDD4hcMctgoNpW5FF5gcdKY51+muDiVriTwqCCBv49ZVCgM4C74YoRsgWWu0FAdjdyfEEouawrj2HtvPGNSwIww6W6ls1jL9aV1vc0sWxdFU941Y9ja4tQNQDkqUR2vc07or2HkWSz1ItUJRAhzRQ5jcYhSKFTYgbs0eH+I0D/Ay1RN+M69PrB6DjErTtshoWe/E+ja5xhAeASsjvyWP30Kv58iG2EhbChf7WvdZ1MdrCmeLpn29M= hostkey@local

ssh-keys/id_ed25519.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOsn8rHuoLekmpACn1yqlDfKQ9/SJvnLIBUeytcDWWC6 user@local

ssh-keys/id_rsa.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRc4cykJxHZATwOaadf7OEAsI/A5g2sKpgl/zg39iuE7nj3fZdYtxfrqoi2ekTpm58L7M7Civ00S/F3LqAGgq13K7q5Z6m4KZ4QSdK/gfUkcK1N4WpwhSkHJGEytooo5PxtOx38IrRBQ2VIJTM3zTnAF17XNSC1XgQKqwOgQKxT869oXZ92IWHyvgjTu1XwwVOK2nO/xV5ZZoNuSAU4+EyezQP60lnGPuvMMlge77KwkSWGjbNc5rxiESmWS3J+XyW87ctz336nqVbXgKMgNJeELIlSZfEdBRL1/7nNobpX9DL/WcN2sm07+u9lTXplSIVkwBB0IAuH6ZK81zVaXY5Njlb1FMTrDZ7Vpx8O6ajXJyWKSjVZUlLM+sXUI742WsR8C1yVGj2JWUOm6fa9ROnjsZmMM7muWOPD1aibL89AP34VPmblVf80+q4VAPmKyXisN8lgpd6tJ4HscMnL0quoJYFD4B0bfsUwUQcEPYZB7L+JjXnZ/HvD/tnVtZL3I8= user@local

sshd_config

@@ -0,0 +1,5 @@
+# sshd_config
+PermitRootLogin no
+PasswordAuthentication yes
+PubkeyAuthentication yes
+StrictModes no