Re: Running sshd in a Docker Container on Openshift

2017-08-06 Thread Aleksandar Kostadinov
https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-March/035906.html https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-August/036168.html Looks like running as non-privileged user will continue to be supported, just not as a single process and not with the old option. Fedora 26

Re: Running sshd in a Docker Container on Openshift

2017-07-13 Thread Tobias Florek
Hi! > Where do you read OpenSSH is dropping that mode? I forget to include the list. See https://www.openssh.com/txt/release-7.5, UsePrivilegeSeparation. I understand that that will kill using it as non-root. Cheers, Tobias Florek ___ users mailing

Re: Running sshd in a Docker Container on Openshift

2017-07-11 Thread Aleksandar Kostadinov
You sure? Where do you read OpenSSH is dropping that mode? Tobias Florek wrote on 07/11/17 13:07: Hi! I have a container (based on centos), that runs openssh's sftp server as random uid for use in openshift (using nss-wrapper). Unfortunately OpenSSH is going to drop running as non-root in

Re: Running sshd in a Docker Container on Openshift

2017-07-11 Thread Tobias Florek
Hi! I have a container (based on centos), that runs openssh's sftp server as random uid for use in openshift (using nss-wrapper). Unfortunately OpenSSH is going to drop running as non-root in the next major version because they think non-root container sshd is a bad idea (I don't know why). See

Re: Running sshd in a Docker Container on Openshift

2017-07-10 Thread Graham Dumpleton
> On 10 Jul 2017, at 11:55 PM, Itamar Turner-Trauring > wrote: > > It is possible to run sshd on OpenShift, if other options don't work - we do > it as part of the Telepresence remote debugging tool we built for OpenShift > and Kubernetes (https://telepresence.io

Re: Running sshd in a Docker Container on Openshift

2017-07-10 Thread Aleksandar Kostadinov
Hi, you can use http for file transfer as well and communicate server password through a secret in the project. It is indeed possible to run an SSH server inside OpenShift. Just a little tricky. I've a blog about it [1]. [1]

Re: Running sshd in a Docker Container on Openshift

2017-07-10 Thread Itamar Turner-Trauring
It is possible to run sshd on OpenShift, if other options don't work - we do it as part of the Telepresence remote debugging tool we built for OpenShift and Kubernetes (https://telepresence.io). Here's a shortened (and untested) Dockerfile: - FROM alpine:3.5 RUN mkdir -p /usr/src/app

Re: Running sshd in a Docker Container on Openshift

2017-07-10 Thread Isuru Haththotuwa
Thank you all for the responses. I'll check these options. On Mon, Jul 10, 2017 at 4:13 AM, Graham Dumpleton wrote: > Anther ad-hoc way of moving data between pods is possible if you have > 'netcat' tools installed in image for each application. > > Look at the example in:

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Graham Dumpleton
Anther ad-hoc way of moving data between pods is possible if you have 'netcat' tools installed in image for each application. Look at the example in: http://www.microhowto.info/howto/copy_a_file_from_one_machine_to_another_using_netcat.html

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Graham Dumpleton
If your applications are in the same project, you may find it easier to mount an extra persistent volume temporarily in the source pod. Access the pod using 'oc rsh' and copy the files into that persistent volume and then detach it from that pod. Then mount the persistent volume into the target

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Clayton Coleman
oc rsync is not always appropriate, since the communication has to go through the master. If you're doing 40gb db backups via rsync you'd want to choose a different mechanism, at least until we add direct exec session support in the future On Jul 9, 2017, at 2:13 PM, Ben Parees

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Ben Parees
if nothing else you can make the oc binary available within one pod and then run oc rsync from within that pod to sync to a different pod. On Sun, Jul 9, 2017 at 12:27 PM, Aleksandar Lazic wrote: > Hi Isuru Haththotuwa. > > on Sonntag, 09. Juli 2017 at 16:10 was written: >

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Jeff Cantrill
This may be of interest to you: https://docs.openshift.com/enterprise/3.1/admin_guide/manage_scc.html#enable-images-to-run-with-user-in-the-dockerfile On Sun, Jul 9, 2017 at 6:03 AM Isuru Haththotuwa wrote: > Hi, > > I'm trying to do $subject. Using the minimal docker

Re: Running sshd in a Docker Container on Openshift

2017-07-09 Thread Isuru Haththotuwa
Hi Marko, On Sun, Jul 9, 2017 at 4:29 PM, Marko Lukša wrote: > There's no need to run sshd. Use oc rsh or oc exec. > Thanks for the reply. However, I am trying to run a rsync pull from a different pod to this particular pod, that is the reason why I'm trying to run sshd.

Running sshd in a Docker Container on Openshift

2017-07-09 Thread Isuru Haththotuwa
Hi, I'm trying to do $subject. Using the minimal docker sample found at [1]. While this works perfectly in bare docker, when I'm trying to run on Openshift it fails with the error [2]. When I tried to re-create the ssh keys at startup with *ssh-keygen -A*, gave me the error [3]. I read that