SSH into a docker container from another container on a different host

Question

I have a docker container running on an EC2 host, and another running on another ec2 host. How do I ssh from one to another, without providing any port numbers? I want to do something like ssh root@ip-address-of-container

To do this, your second container would need an IP address which is routable from the first container. Since Docker's out-of-the-box behaviour is to use private IP addresses, this is non-trivial. This is why people tend to map the port to a different port number on the outer host. An alternative is to use an 'overlay network', for instance weave. (I work for weave) — Bryan, Nov 11 '14 at 10:09
Also, ssh server needs to be installed and started inside the container. ssh doesn't work out of the box in containers the way it does in a regular distro. — Dharmit, Nov 11 '14 at 12:14
@Dharmit - Yes, I have SSH servers running in the containers. I can SSH from the host to the container, or from an external computer to the container by giving the mapped port. What I want to achieve is to ssh by giving the ip address of the docker container — user1016313, Nov 12 '14 at 02:53
Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. — jww, Jun 25 '17 at 03:13

score 6 · Answer 1 · answered Nov 18 '14 at 15:57

For you to be able to ssh into the second container on port 22 you would need get the host ec2 vm's ssh daemon out of the way.

One way is to change your host machine's ssh port by adding an entry in /etc/ssh/sshd_config to something like 3022. Now you can use -p 22:22 when you run your docker container(s) and be able to ssh between them. However, ssh`ing the ec2 instance is on 3022.
If you would like to keep host-vms also ssh enabled on port 22 you will then need to create a second virtual ethernet interface. This is easy to do if you are able to set static IPs. something like ifconfig eth0:0 192.168.1.11 up. However, in ec2 this won't be possible as you have DHCP based IPs.

The third way is to setup your .ssh/config file to map to the non standard port. It does not allow you to ssh over port 22 but at least you don't have to know about the non-standard port. Here is a tutorial, and relevant parts are below.

# contents of $HOME/.ssh/config
Host other_docker
    HostName ec2-host-name-of-other-docker.com
    Port 22000
    User some_user

    # must be added to authorized keys on other docker host for some_user
    IdentityFile ~/.ssh/this-docker-private-key

Now you can just do ssh other_docker

score 0 · Accepted Answer · answered Nov 20 '14 at 09:43

0

Open vswitch was the easiest solution! - https://goldmann.pl/blog/2014/01/21/connecting-docker-containers-on-multiple-hosts/

answered Nov 20 '14 at 09:43

user1016313

1,274
2
15
26

score -1 · Answer 3 · answered Sep 09 '19 at 18:44

-1

I haven't tested this yet, but you might be able to do something like ssh hostUser@xxx.xxx.xxx.xxx 'ssh containerUser@xxx.xxx.xxx.xxx' using ssh's command parameter.

answered Sep 09 '19 at 18:44

mikeLundquist

769
1
12
26

SSH into a docker container from another container on a different host

3 Answers3