0

I need to throw the ssh folder with the keys in docker.

Dockerfile:

       FROM python:3.6-alpine3.12
       RUN mkdir /code && mkdir /data
       ADD . /code
       WORKDIR /code
       RUN pip3 install -r requirement &&  apk add git
       RUN mkdir /root/.ssh && -v ~/.ssh:/root/.ssh
       RUN apk add -y wget

Error when building:

/bin/sh: illegal option -
The command '/bin/sh -c -v ~/.ssh:/root/.ssh returned a non-zero code: 2
dejanualex
  • 3,872
  • 6
  • 22
  • 37
  • 1
    `-v` is an option specifically to the `docker run` shell command. You can't specify it in a Dockerfile or embed it in `RUN` lines. – David Maze Aug 25 '20 at 10:23
  • Does this answer your question? [Using SSH keys inside docker container](https://stackoverflow.com/questions/18136389/using-ssh-keys-inside-docker-container) – dejanualex Aug 25 '20 at 12:21

1 Answers1

-1

The shell does not recognize the command -v ~/.ssh:/root/.ssh

Try this:

FROM python:3.6-alpine3.12
ADD . /code
WORKDIR /code
RUN pip3 install -r requirement && \ 
        apk add -y git wget && \
        mkdir /data
        
COPY $HOME/.ssh /root/.ssh

PS: I added some Dockerfile's optimization for you

EDIT:

  • Copying sensitive data into your container is not a good idea unless you really know what you are doing.
  • If your application needs to connect to a remote server you own it would be better to generate new keys for it specifically and distribute them on your server (public key).
Iduoad
  • 895
  • 4
  • 15
  • Bad practices in terms of security ( .ssh folder under root) . This allows for unrestricted container management, which means you can do things like install system packages, edit config files, bind privileged ports, – dejanualex Aug 25 '20 at 11:56
  • My answer was mainly targeting "the technical docker related aspect" .i.e Explaining why the error showed off and how to fix it, again from a dockerfile stand point. In my answer, the .ssh will be copied into the container's root and will give the container access to the user's ssh config and keys (which are encrypted most of the cases). I don't say that this a good or bad practice, but it is surely not common especially in production environments. – Iduoad Aug 25 '20 at 12:17
  • Also the [link](https://engineering.bitnami.com/articles/why-non-root-containers-are-important-for-security.html) you copied your comment from say nothing about ssh. So no need to downvote. – Iduoad Aug 25 '20 at 12:18