-
-
Save udkyo/c20935c7577c71d634f0090ef6fa8393 to your computer and use it in GitHub Desktop.
| FROM ubuntu | |
| RUN apt update \ | |
| && apt install -y firefox \ | |
| openssh-server \ | |
| xauth \ | |
| && mkdir /var/run/sshd \ | |
| && mkdir /root/.ssh \ | |
| && chmod 700 /root/.ssh \ | |
| && ssh-keygen -A \ | |
| && sed -i "s/^.*PasswordAuthentication.*$/PasswordAuthentication no/" /etc/ssh/sshd_config \ | |
| && sed -i "s/^.*X11Forwarding.*$/X11Forwarding yes/" /etc/ssh/sshd_config \ | |
| && sed -i "s/^.*X11UseLocalhost.*$/X11UseLocalhost no/" /etc/ssh/sshd_config \ | |
| && grep "^X11UseLocalhost" /etc/ssh/sshd_config || echo "X11UseLocalhost no" >> /etc/ssh/sshd_ | |
| config | |
| RUN echo "YOUR_PUB_KEY_HERE" >> /root/.ssh/authorized_keys | |
| ENTRYPOINT ["sh", "-c", "/usr/sbin/sshd && tail -f /dev/null"] |
Very cool, thanks for sharing!
VERY cool indeed. I have been pulling my hair out trying to get X11 forwarded from a docker image. This works beautifully. Thanks!
Have you tried using X11 forwarding from this container to a remote client (meaning a computer besides the host machine)? I'm trying to figure out why my slightly different setup isn't working. Maybe your information will help me out. Otherwise, very cool!
I wanted to use a password rather than a key and I was behind an http proxy, so I added those to my solution.
If you would rather use a password like I did, create a file called password.txt in the folder that you are building the docker image from. The content of the file should be your password followed by a unix new line (LF). Note that this is probably much less secure, but security was not an issue for my situation.
If you are behind an http proxy, uncomment the line that is commented out and input your proxy settings. This proxy setting only applies to apt, so if you want to access the internet via firefox, you will need to change additional proxy settings.
FROM ubuntu
COPY password.txt /
# uncomment following line to use an http proxy
# RUN echo 'Acquire::http::Proxy "INSERT HTTP PROXY";' > /etc/apt/apt.conf
RUN apt update \
&& apt install -y firefox \
openssh-server \
xauth \
&& mkdir /var/run/sshd \
&& mkdir /root/.ssh \
&& chmod 700 /root/.ssh \
&& sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \
&& sed -i "s/^.*X11Forwarding.*$/X11Forwarding yes/" /etc/ssh/sshd_config \
&& sed -i "s/^.*X11UseLocalhost.*$/X11UseLocalhost no/" /etc/ssh/sshd_config \
&& grep "^X11UseLocalhost" /etc/ssh/sshd_config || echo "X11UseLocalhost no" >> /etc/ssh/sshd_config \
&& cat /password.txt /password.txt | passwd \
&& rm /password.txt
EXPOSE 22
ENTRYPOINT ["sh", "-c", "/usr/sbin/sshd && tail -f /dev/null"]
Will this work on a Windows Host/Linux Container configuration?
I think it can be worked on Linux container configuration.
And I'm not sure this will be worked on Windows container configuration :).
Thank you so much for your work! However when I tried to run this it threw this error:
Error: no DISPLAY environment variable specified
Do you have any idea why this has happened?
Could you specify FROM ubuntu:18.04 on the line 1 of Dockerfile and build & run again? Thanks.
It still returns me the same error.
Do you use following steps? I use following steps and it's worked successfully.
- Download
Dockerfileand it's referenced by that. - Using the
docker build -t firefox .to build this Docker image. - Using the
docker run -itd -p 2222:22 firefoxto run above Docker image as the container. - Using the
ssh -X root@127.0.0.1 -p 2222command on the container host and make sure SSH client enables X11 forwarding on the container host. - And the result of captured will be as follows:
@Tangolin try exporting the DISPLAY variable before running the SSH command:
export DISPLAY=localhost:0.0
Or try ssh with X11 forwarding via PuTTY: https://datacadamia.com/ssh/x11/display
@peter279k I tried using that dockerfile instead and building by your instructions, it returns the following error
New password: Retype new password: Password change aborted.
passwd: Authentication token manipulation error
passwd: password unchanged
The command '/bin/sh -c apt update && apt install -y firefox openssh-server xauth && mkdir /var/run/sshd && mkdir /root/.ssh && chmod 700 /root/.ssh && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && sed -i "s/^.*X11Forwarding.*$/X11Forwarding yes/" /etc/ssh/sshd_config && sed -i "s/^.*X11UseLocalhost.*$/X11UseLocalhost no/" /etc/ssh/sshd_config && grep "^X11UseLocalhost" /etc/ssh/sshd_config || echo "X11UseLocalhost no" >> /etc/ssh/sshd_config && cat /password.txt /password.txt | passwd && rm /password.txt' returned a non-zero code: 10
I think I did follow it step by step without any other manipulations. I am rather new to this so very sorry if I am making some stupid mistake.
@AutomationMusician I do have X11 forwarding via PuTTY, ran xclock on the remote server and could get the display on my local machine.
Do you have the password.txt file? It seems that you don't have the password.txt file and this file and Dockerfile are same file path.
And the sample password.txt file contents are as follows:
your-password
Oh I have managed to get past the password part, appears I didn't add the UNIX newline character, thank you so much for you help!
Very helpful stuff here but the the content has traveled some since the initial post. Steps I used:
- @AutomationMusician's April 2018 post with the password file trick
- @peter279k's suggestion to use
FROM ubuntu:18.04(edit: just tried again with 22.04 and it was fine) and his other steps on July 16, 2021. If you ssh in without filrefox on the end you can just type it at the terminal
Note that if you're working in a text editor that automatically adds a newline, like vim, don't add a blank line as it will do that for you (and the blank line will break it).
Might come back for the ssh keys-based method later.
I'm on MacOS and it's interesting to me that nowhere was the DISPLAY environment variable mentioned, or volume informations specified (e.g., '-v /tmp/.X11-unix:/tmp/.X11-unix'). These were huge red herrings in my attempts to figure this out.
Thanks. It also works for foreign architecture.
To get up and running, build it, then:
docker run -it --rm -p 2150:22 firefoxAdd this to ~/.ssh/config on the client
Connect from client with:
ssh -X root@abc firefox