I have private service that I would like to access via SSH.
This private service has R and a bunch of command line tools installed, and I am using Net::SSH to upload files and run commands there from my main application.
This works file locally, but when I try to access my private service from within my webservice on a deployed Render environment, I cannot connect via SSH. How should I enable it on the private service?
Definitely an interesting scenario and not something that I’ve seen asked before. This is outside of ‘typical usage’ but let’s see.
The goods news is that I got this working between a web service and a private service.
In my Dockerfile I made sure that SSH was installed and that a user existed:
RUN apk add --no-cache opensshRUN echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_configRUN adduser -h /home/john -s /bin/sh -D johnRUN echo -n 'john:password' | chpasswd
On the private service I made sure that the ssh daemon was running, for the experiment I just ran
/usr/sbin/sshd in a shell tab (check
ps to make sure it’s running)
And then from the other service:
$ssh john@test-ssh-serviceThe authenticity of host 'test-ssh-service (10.131.155.240)' can't be established.ED25519 key fingerprint is SHA256:hBz2xq1yPJr0/o45goz1GoHl0GGvuzkn6EOA1zy4vtY.This key is not known by any other namesAre you sure you want to continue connecting (yes/no/[fingerprint])? yesWarning: Permanently added 'test-ssh-service' (ED25519) to the list of known hosts.john@test-ssh-service's password: Welcome to Alpine!The Alpine Wiki contains a large amount of how-to guides and generalinformation about administrating Alpine systems.See <http://wiki.alpinelinux.org/>.You can setup the system with the command: setup-alpineYou may change this message by editing /etc/motd.srv-cho80r02qv295pss5h70-d79f7b54-dm5ks:~$ lssrv-cho80r02qv295pss5h70-d79f7b54-dm5ks:~$ cd /srv-cho80r02qv295pss5h70-d79f7b54-dm5ks:/$ lsapp bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
This is probably a fairly untrodden path but hopefully, this will get you on the right path
Let me know how you get on?
Render Support, UTC+1
Thank you. The image I am using is based on Ubuntu so I had to change your steps a bit. But I got SSHD to run (using supervisord).
However, I am unable to establish a connection, and by using sshd -d i was able to pinpoint a problem with the following:
linux_audit_write_entry failed: Operation not permitted
from what I understand, this is an issue with the docker host configuration.
Like I said, this is definitely not typical usage, I’m going to ask internally to see if I can get any more info for you here.
Render Support, UTC+1
I tried using an Alpine image, and it does solve the SSH problem. I even got R and the required libraries compiled.
But i seem to hit a wall when installing PyTorch which relies on glibc while Alpine provides musl instead.
While investigating the differences between SSH on Alpine and Ubuntu, I found out that ubuntu access
auditd which is not available in a docker image.
So I switched to a different SSH server,
dropbear, which does not.
This solved my problem. Thank you for the pointers!
Simco Technologies Inc.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.