使用密钥连接到 docker openssh-server：权限被拒绝（publickey，keyboard-interactive）

Question

我正在尝试使用 ssh 连接到 docker 容器中的 openssh-server：

$ docker run -d \
  --name=openssh-server \
  --hostname=openssh-server \
  -e PUID=1000 \
  -e PGID=1000 \
  -e PUBLIC_KEY_FILE=/home/hakon/.ssh/id_rsa.pub \
  -e SUDO_ACCESS=false \
  -e PASSWORD_ACCESS=false \
  -e USER_NAME=hakonh \
  -p 2222:2222 \
  --restart unless-stopped \
  lscr.io/linuxserver/openssh-server

$ docker inspect -f "{{ .NetworkSettings.IPAddress }}" openssh-server
172.17.0.2

$ ping -c 3  172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.071 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.039 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.059 ms    
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2028ms
rtt min/avg/max/mdev = 0.039/0.056/0.071/0.013 ms

$ ssh -i /home/hakon/.ssh/id_rsa -p 2222 hakonh@172.17.0.2
The authenticity of host '[172.17.0.2]:2222 ([172.17.0.2]:2222)' can't be established.
ECDSA key fingerprint is SHA256:6xSuNXvqvL1XM7d8//s1TN+OWb6GLdstA+PUpFlqP8M.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[172.17.0.2]:2222' (ECDSA) to the list of known hosts.
hakonh@172.17.0.2: Permission denied (publickey,keyboard-interactive).

我在这里错过了什么？为什么我不允许使用私钥连接到服务器？

Answer 1

您使用的环境变量 PUBLIC_KEY_FILE 的值 /home/hakon/.ssh/id_rsa.pub 指示您的 ssh 服务器使用此文件作为您的授权密钥，但是据我所知，您的 docker 无权访问此文件，因为我认为它是文件在您系统中的路径，而不是在您的 docker 中。我建议您使用卷与 docker 共享此文件，或将其复制到从 lscr.io/linuxserver/openssh-server.

构建的映像中