I want to copy the client public keys for a container to a remote sftp server and after that attempt do some uploads to the server via bash script(the bash script will be invoked when the container runs).
The logic for copying client public keys and server host keys is in the Dockerfile below:
FROM alpine:3.2
WORKDIR /tmp
# Copy backup script
COPY dump.sh .
RUN chmod +x dump.sh
# Install sshtools
RUN apk add --update --no-cache openssh
RUN apk add --update --no-cache sshpass
#grab server host keys
RUN mkdir /root/.ssh/ &&\
chmod 700 /root/.ssh &&\
touch /root/.ssh/known_hosts &&\
ssh-keyscan -v -t rsa -p 2021 ftp.example.com >> /root/.ssh/known_hosts
#generate client public key
RUN cd /root/.ssh/ &&\
ssh-keygen -t rsa -C "TestKeys" -f test3 &&\
touch /root/.ssh/scanned_keys.txt &&\
cat /root/.ssh/known_hosts >> /root/.ssh/scanned_keys.txt
# set ssh permissions
RUN chmod 644 /root/.ssh/test3.pub
RUN chmod 600 /root/.ssh/test3
RUN chmod 644 /root/.ssh/known_hosts
RUN sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub user@2ftp.example.com -p 2021
#RUN ls -la
I get an error ssh_exchange_identification: Connection closed by remote host on the build. Part of the build output :
=> CACHED [ 5/15] RUN apk add --update --no-cache openssh 0.0s
=> CACHED [ 6/15] RUN apk add --update --no-cache sshpass 0.0s
=> CACHED [ 7/15] RUN mkdir /root/.ssh/ && chmod 700 /root/.ssh && touch /root/.ssh/known_hosts 0.0s
=> CACHED [ 8/15] RUN cd /root/.ssh/ && ssh-keygen -t rsa -C "TestKeys" -f test3 && ssh-keyscan -v -t rsa -p 2021 ftp.example.com >> /root 0.0s
=> CACHED [ 9/15] RUN chmod 644 /root/.ssh/test3.pub 0.0s
> [15/15] RUN sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub user@ftp.example.com -p 2021:
#19 0.543 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
#19 0.611 expr: warning: '^ERROR: ': using '^' as the first character
#19 0.611 of a basic regular expression is not portable; it is ignored
#19 0.612
#19 0.612 /usr/bin/ssh-copy-id: ERROR: ssh_exchange_identification: Connection closed by remote host
#19 0.612
------
executor failed running [/bin/sh -c sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub user@ftp.example.com -p 2021]: exit code: 1
What I have tried so far :
Checking if the host keys are copied (yes they exist)
cat /root/.ssh/scanned_keys.txt
Running a variation of the command without ssh-copy-id to see if I can get more verbose output
RUN sshpass -p 'mypassword' ssh -p 2021 user@ftp.example.com
When I do this I get better output :
=> ERROR [17/17] RUN sshpass -p 'mypassword' ssh -p 2021 user@ftp.example.com 0.6s
[17/17] RUN sshpass -p 'mypassword' ssh -p 2021 user@ftp.example.com:
#21 0.539 Pseudo-terminal will not be allocated because stdin is not a terminal.
#21 0.578 ssh_exchange_identification: Connection closed by remote host
executor failed running [/bin/sh -c sshpass -p 'mypassword' ssh -p 2020 user@ftp.example.com]: exit code: 255
Checking the domain details for the server
nslookup ftp.example.com
I have run this on two consecutive day and the server's actual IP is dynamic (Should this affect anything if at all? )
- Try allocating a TTY on connection (same error)
=> ERROR [15/15] RUN sshpass -p 'mypassword' ssh -T -p 2021 user@ftp.example.com 0.7s
[15/15] RUN sshpass -p 'mypassword' ssh -T -p 2021 user@ftp.example.com:
#19 0.671 ssh_exchange_identification: Connection closed by remote host
My suspicion is they is some restrictions still on the server side. Unless there is something else I should be checking again from client side.
What am I missing?
