Skip to content
/ lxd-ssh-gateway Public

Forward incoming ssh connections for a single user into containers

License

GPL-3.0 license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Dweller/lxd-ssh-gateway

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
bin
bin
 
 
etc
etc
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
authorized_keys.example
authorized_keys.example
 
 

Repository files navigation

lxd-ssh-gateway

Forward incoming ssh connections for a single user into containers

Very simple example which demonstrates the concept..

My recomendation for the LXD host configuration for /etc/ssh/sshd_config are:-

  PasswordAuthentication no
  PermitUserEnvironment yes

Then add a 'sandbox' user on your Linux server...

Then install the ~sandbox/bin/gw, ~sandbox/etc/notice and a ~sandbox/.ssh/authorised_keys Limitation with this method is a key can only be used to forward to a single container. See the authorized_keys.example for the command="$HOME/bin/gw ssh-rsa syntax.

Make sure the permissions/ownership are correct..

  #chown -R sandbox:sandbow ~sandbox
  #chmod -R g-rewx,o-rwx ~ssandbox/bin

The containers I've been building are Ubuntu 20.10 they don't need to run ssh to work nor do they need networking.

e.g.

   #lxc launch ubuntu:20.10 container-X

Assuming thats all installed and working some examples of usage:-

ssh -i ~/.ssh/priv.key sandbox@<host address/ip>
sftp -i ~/.ssh/priv.key sandbox@<host address/ip>
scp -i ~/.ssh/priv.key /etc/hosts sandbox@<host address/ip>:

About

Forward incoming ssh connections for a single user into containers

Resources

Readme

License

GPL-3.0 license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages