Tech

How to enable remote SSH log in for OnApp Container Servers

Raymond Paxton

Raymond Paxton
Director of Product Strategy

A few customers have asked how to enable remote login via SSH for OnApp container servers – so here’s a short guide.

(For more information on container servers, check out this post on running Docker in OnApp, and this post on using containers with Amazon machine images.)

By default, login via SSH requires that you enter a SSH key in the cloud-config.

This can be done in a couple of ways. First, by adding the following lines to your cloud-config and changing the string after ‘ssh-rsa’ to the public ssh key:

ssh_authentication_keys:
 - “ssh-rsa AAAAB3NzaC1yc2EAASADAQABFGABAQC0g+ZTm+h..”

Or, you have the option to create new user accounts  using SSH login in the ‘users’ section of the cloud-config, which would normally look something like:

users:
 - name: "OnApp"
 passwd: "$6$5s2u6/jR$un0AvWnqiYHZmfi3LDKVltj.E8XNKEcwWm..."
 groups:
 - "sudo"
 - "docker"
 primary-group: "docker"
 homedir: "/home/OnApp"

… to use SSH key authentication instead of a password for the user, replace the ‘passwd’ line with the ‘ssh-authorized-keys’ line, like so:

users:
- name: "OnApp"
ssh-authorized-keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAeoIJLUafOgrm+h..."
groups:
- "sudo"
- "docker"
primary-group: "docker"
homedir: "/home/OnApp"

Finally, if you want to allow root login, you could add the following to your cloud-config. This will allow you to login with the root username and the password set by OnApp, during deployment, to the container server via SSH:

write_files:
 - path: /etc/ssh/sshd_config
 permissions: 0600
 owner: root:root
 content: |
 PermitRootLogin yes
 AllowUsers root
 PasswordAuthentication yes
 ChallengeResponseAuthentication no

I hope this helps with your configuration. Stay tuned for more posts on different ways to configure container servers.