I tried...
Dockerfile:
...
COPY /var/sshd_config /etc/ssh/sshd_config
RUN mkdir /etc/ssh/keys \
&& ssh-keygen -q -f /etc/ssh/keys/ssh_host_rsa_key -N '' -t rsa \
&& ssh-keygen -q -f /etc/ssh/keys/ssh_host_dsa_key -N '' -t dsa \
&& ssh-keygen -q -f /etc/ssh/keys/ssh_host_ecdsa_key -N '' -t ecdsa \
&& ssh-keygen -q -f /etc/ssh/keys/ssh_host_ed25519_key -N '' -t ed25519 \
&& chmod 0700 /etc/ssh \
&& chmod 0600 /etc/ssh/* /etc/ssh/keys \
&& service ssh start
SSHD_CONFIG (yours):
## Global
Port 22
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
Protocol 2
LogLevel INFO
HostKey /etc/ssh/keys/ssh_host_rsa_key
HostKey /etc/ssh/keys/ssh_host_dsa_key
HostKey /etc/ssh/keys/ssh_host_ecdsa_key
HostKey /etc/ssh/keys/ssh_host_ed25519_key
## Security
PermitRootLogin yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
PermitUserEnvironment yes
IgnoreRhosts yes
HostbasedAuthentication no
StrictModes yes
X11Forwarding no
Ciphers "aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com"
MACs "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com"
KexAlgorithms "diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org"
On my host I have:
id_rsa
id_rsa.pub
known_host
I start my container with:
docker run -d --name container_test -p 222:22 -v /root/.ssh/id_rsa.pub:/root/.ssh/authorized_keys image_test
And I still get this error:
root@dockagerimage:~/.ssh# ssh -p 222 test@127.0.0.1
The authenticity of host '[127.0.0.1]:222 ([127.0.0.1]:222)' can't be established.
ECDSA key fingerprint is SHA256:ibm2L+3O6hMjSsQ7G6+BnRaYBKnMitefA9R+IwDg88g.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
In the container, the authorized key is indeed present in /root/.ssh/authorized_keys:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDvJ4XL3wmlnF58+O6xg5AcoQe2EYE34NjRF....
If I manually accept the host verification... the public key logged me in directly.
So the key seems OK, but the host verification does not.
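An added example, not part of the original post: one way to compare the fingerprint shown in the ssh prompt with the container's host public key read out of band (assumed here to come from something like `docker exec container_test cat /etc/ssh/keys/ssh_host_ecdsa_key.pub`), and only then produce the known_hosts line for port 222. The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct


def parse_pubkey_line(line):
    """Split an OpenSSH public key line into (key type, decoded blob)."""
    key_type, b64_blob = line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob starts with a length-prefixed copy of the key type name.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len].decode("ascii") != key_type:
        raise ValueError("key type does not match the key blob")
    return key_type, blob


def sha256_fingerprint(line):
    """Fingerprint in the form ssh prints: SHA256:<unpadded base64>."""
    _, blob = parse_pubkey_line(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def known_hosts_entry(host, port, line, shown_fingerprint):
    """Return a known_hosts line only if the prompt's fingerprint matches."""
    if sha256_fingerprint(line) != shown_fingerprint:
        raise ValueError("fingerprint mismatch: do not accept this host key")
    key_type, b64_blob = line.split()[:2]
    # Non-default ports are written as [host]:port in known_hosts.
    name = host if port == 22 else "[%s]:%d" % (host, port)
    return "%s %s %s" % (name, key_type, b64_blob)


def constructed_key_line():
    """Constructed sample key (not a real host key), built for the demo."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name
    blob += struct.pack(">I", 32) + bytes(range(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode("ascii") + " root@container"


if __name__ == "__main__":
    key_line = constructed_key_line()
    shown = sha256_fingerprint(key_line)  # stands in for the value in the ssh prompt
    print(known_hosts_entry("127.0.0.1", 222, key_line, shown))
```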