SSH mongodb container

I’m trying to SSH into a container running the official mongodb image. When I run the following:

ssh -i ~/.ssh/id_render -vvv <redacted-service-name>@ssh.<redacted-region-name>.render.com

I can’t get past this error message:

Authenticated to ssh.<redacted-region-name>.render.com ([<redacted-ip>]:22) using "publickey".
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Entering interactive session.
debug1: pledge: filesystem
debug3: send packet: type 1
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t3 nr0 i0/0 o0/0 e[write]/0 fd 7/8/9 sock -1 cc -1 io 0x00/0x00)

Connection to ssh.<redacted-region-name>.render.com closed by remote host.
Connection to ssh.<redacted-region-name>.render.com closed.
Transferred: sent 1976, received 1224 bytes, in 7.8 seconds
Bytes per second: sent 252.8, received 156.6
debug1: Exit status -1

I’ve verified that the ~/.ssh directory is writeable and that the authorized_principals contains render.

Any ideas on what I can do?

Hi @jarredwitt,

We do have some limitations with SSH on Docker services: Connecting with SSH | Render · Cloud Hosting for Developers

It’s possible you may be running into one of those, so I would check to confirm.

I do believe that our mongodb example requires some modifications to get SSH working. For reference, the following modifications to the example dockerfile should allow ssh to work

FROM mongo:4.2

USER mongodb
RUN mkdir ~/.ssh
RUN chmod 0700 ~/.ssh
RUN chmod 0700 ~

Let me know if this helps, or if you require further assistance.

Best,

Thanks for the response. I’ve added those commands to my Dockerfile, but I’m still getting the same error. I took a look at the limitations and saw this line:

A disk may not be mounted to the $HOME directory of the running user.

Does that mean a disk should not be mounted to the $HOME directory?

Hi Jarred,

That’s correct - it looks like the dockerfile for the Mongodb image defines /data/db as the home directory for the mongodb user. This is also where the disk is mounted, which is an issue, because we need the home directory to have permissions 700.

You may need to define a different directory as the home within your Dockerfile. I believe you can do this with

RUN usermod -d <path> mongodb
ENV HOME=<path>

Let me know if this helps.

Hi Jade,

Thanks for the help! I was able to get it working and indeed it was the mounted disk that was causing the issue. I was able to use your solution with a small modification. When I tried to change the HOME for the mongodb user I kept getting a “is currently used by process” error. So I changed my dockerfile to the following and it’s working as expected.

RUN useradd -rm -d /home/<user> -s /bin/bash -g root -u 1001 <user>
USER <user>
ENV HOME=/home/rox
RUN mkdir ~/.ssh
RUN chmod 0700 ~/.ssh
RUN chmod 0700 ~

Thanks again.

Hi Jarred,

Nice! I’m happy to hear you were able to get it working - and thanks for sharing your solution as well!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.