Comments (9)
with wsl, we recommend putting config folders on the local linux filesystem, not windows or remote mounts so they don't go through an abstraction layer that can and do break things
from docker-openssh-server.
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
from docker-openssh-server.
I suspect this is an issue specific to Synology because its ACLs use an underlying POSIX permissions of 0777 and the container isn't aware of the host ACLs so all it will see is the 0777 permissions mask.
from docker-openssh-server.
Just FYI, this is also happening on QNAP (QuTS Hero) when run in its Container Station (which is just a wrapper for Docker.)
Modifying the permissions in the config
volume does not work. Executing within the container itself I can see:
These files seem to be generated/contained within the Docker container env itself? Not sure how QNAP/Synology ACLs come into play...
from docker-openssh-server.
/config
is a persistent mount that exists on the host filesystem, where the ACLs are in effect but invisible to the container; all it sees are the POSIX permissions which are not what it expects to see because ACLs. The files in /etc/ssh are just symlinks to the actual files in /config.
from docker-openssh-server.
Ah, I see, didn't know about the symlinks (makes sense.) To address the problem, I did some changing of permissions via shell to make progress on this. I will try to share what I did and what I observed when I have the chance.
from docker-openssh-server.
This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
from docker-openssh-server.
I would like to add here (also most probably for my own reference) that I ran into this same issue while running under WSL. It took a very long search and a lot of digging for me to find a solution out. My problem was that for WSL the permissions changes are not reflected on the windows file system when you chmod somthing. However you can enable this by setting the metadata option, which will allow you to manipulate the permissions with chmod that are remembered.
The steps that I took to fix this was:
- Open a WSL terminal and elevate the permissions:
sudo -i
- Edit the wsl.conf of the distro with vi with
vi /etc/wsl.conf
- Add the section below it
[automount]
options = "metadata"
- Exit the terminal and stop the running wsl with in my case
wsl --terminate ubuntu
- Wait a few seconds and start a new terminal again.
- Navigate to the location where the config is stored and the ssh_host_keys are stored and execute
chmod 700 ./ssh_host_keys
chmod 600 ./ssh_host_keys/ssh_host*
to set the right permissions to start
from docker-openssh-server.
This issue is locked due to inactivity
from docker-openssh-server.
Related Issues (20)
- possible add root ssh login support HOT 1
- Providing static host keys prevents ssh server startup HOT 5
- openssh logs should not be accessible/removable by the user HOT 2
- Release 8.8_p1-r1-ls85 is broken HOT 1
- consider non-interactive key generation for testing purposes HOT 4
- Wrong behavior of password/passwordless sudo HOT 1
- Ability to forward a port with the -R (reverse) option HOT 3
- Running in Azure Container Instance is broken due to init use HOT 4
- [FEAT] Environment variables for remote user HOT 3
- [FEAT] Healthcheck for dockerfile HOT 2
- [BUG] grep error in logs HOT 10
- [BUG] Unable to start server on kubernetes using shareProcessNamespace with another container HOT 2
- [BUG] The UMASK environmental variable no longer works HOT 5
- [FEAT] Rootless mode HOT 7
- [BUG] Public key files from PUBLIC_KEY_DIR does not get imported HOT 3
- Unable to ChrootDirectory HOT 10
- [FEAT] How to disable user shell (sftp mode only) HOT 3
- [FEAT] Add another versioning support HOT 8
- [FEAT] Update openssh-server to 9.8_p1. The current version 9.7_p1 is affected by CVE-2024-6387 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-openssh-server.