I want to copy the client public keys for a container to a remote sftp server and after that attempt do some uploads to the server via bash script(the bash script will be invoked when the container runs).
The logic for copying client public keys and server host keys is in the Dockerfile below:
FROM alpine:3.2
WORKDIR /tmp
# Copy backup script
COPY dump.sh .
RUN chmod +x dump.sh
# Install sshtools
RUN apk add --update --no-cache openssh
RUN apk add --update --no-cache sshpass
#grab server host keys
RUN mkdir /root/.ssh/ &&\
chmod 700 /root/.ssh &&\
touch /root/.ssh/known_hosts &&\
ssh-keyscan -v -t rsa -p 2021 ftp.example.com >> /root/.ssh/known_hosts
#generate client public key
RUN cd /root/.ssh/ &&\
ssh-keygen -t rsa -C "TestKeys" -f test3 &&\
touch /root/.ssh/scanned_keys.txt &&\
cat /root/.ssh/known_hosts >> /root/.ssh/scanned_keys.txt
# set ssh permissions
RUN chmod 644 /root/.ssh/test3.pub
RUN chmod 600 /root/.ssh/test3
RUN chmod 644 /root/.ssh/known_hosts
RUN sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub [email protected] -p 2021
#RUN ls -la
I get an error ssh_exchange_identification: Connection closed by remote host on the build. Part of the build output :
=> CACHED [ 5/15] RUN apk add --update --no-cache openssh 0.0s
=> CACHED [ 6/15] RUN apk add --update --no-cache sshpass 0.0s
=> CACHED [ 7/15] RUN mkdir /root/.ssh/ && chmod 700 /root/.ssh && touch /root/.ssh/known_hosts 0.0s
=> CACHED [ 8/15] RUN cd /root/.ssh/ && ssh-keygen -t rsa -C "TestKeys" -f test3 && ssh-keyscan -v -t rsa -p 2021 ftp.example.com >> /root 0.0s
=> CACHED [ 9/15] RUN chmod 644 /root/.ssh/test3.pub 0.0s
> [15/15] RUN sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub [email protected] -p 2021:
#19 0.543 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
#19 0.611 expr: warning: '^ERROR: ': using '^' as the first character
#19 0.611 of a basic regular expression is not portable; it is ignored
#19 0.612
#19 0.612 /usr/bin/ssh-copy-id: ERROR: ssh_exchange_identification: Connection closed by remote host
#19 0.612
------
executor failed running [/bin/sh -c sshpass -p 'mypassword' ssh-copy-id -i /root/.ssh/test3.pub [email protected] -p 2021]: exit code: 1
What I have tried so far :
Checking if the host keys are copied (yes they exist)
cat /root/.ssh/scanned_keys.txt
Running a variation of the command without ssh-copy-id to see if I can get more verbose output
RUN sshpass -p 'mypassword' ssh -p 2021 [email protected]
When I do this I get better output :
=> ERROR [17/17] RUN sshpass -p 'mypassword' ssh -p 2021 [email protected] 0.6s
[17/17] RUN sshpass -p 'mypassword' ssh -p 2021 [email protected]:
#21 0.539 Pseudo-terminal will not be allocated because stdin is not a terminal.
#21 0.578 ssh_exchange_identification: Connection closed by remote host
executor failed running [/bin/sh -c sshpass -p 'mypassword' ssh -p 2020 [email protected]]: exit code: 255
Checking the domain details for the server
nslookup ftp.example.com
I have run this on two consecutive day and the server's actual IP is dynamic (Should this affect anything if at all? )
- Try allocating a TTY on connection (same error)
=> ERROR [15/15] RUN sshpass -p 'mypassword' ssh -T -p 2021 [email protected] 0.7s
[15/15] RUN sshpass -p 'mypassword' ssh -T -p 2021 [email protected]:
#19 0.671 ssh_exchange_identification: Connection closed by remote host
My suspicion is they is some restrictions still on the server side. Unless there is something else I should be checking again from client side.
What am I missing?