I have a docker container which bind the port 2222:22. It's possible to connect using ssh -T sub.example.com -p 2222.
I'm looking for a way to access ssh the container without specify the port number. I thought this could be done with a DNS record.
I set a DNS record SRV _ssh._tcp.sub 5 10022 sub.example.com to my domain in the admin interface of my provider, this does not work.
Is there a way to do that?
You need clients that actually use SRV records as well and as far as I know none of the (common) SSH clients do ...
Very few common applications/protocols actually support SRV records.
Instead: edit your ssh clients configuration file ~/.ssh/config make an entry for that host and you at least will no longer have to explicitly specify the port number on the commandline every time you need to connect:
#~/.ssh/conf
Host sub.example.com
HostName sub.example.com
Port 2222
...
and then ssh sub.example.com
I am using wrapsrv together with ProxyCommand and socat to use SRV records for determination of connection endpoint:
Host *.my.domain
ProxyCommand wrapsrv _ssh._tcp.%h socat STDIO TCP:%%h:%%p
The advantage is that both scp and sftp should use it from ssh config file.
Please note that SRV record needs THREE integers: priority, weight and port, not two as you are showing in your question.
Some people wanted to solve the same issue as you and made a wrapper. I didn't test those tools, but from reading them, they do look up and use the port information. (They might even do more: doing ssh to the name defined in the SRV record, can end up in a different hostname if the record was so defined.). Now supporting other commands (scp, sftp...) or multiple hosts is not supported there.
Introduction
ssh-srv-wrapper is bash shell script which tries to find a SSH SRV record for the first host and uses what is found rather than what was passed (if a valid record is found).
sshsrv is a simple program to lookup and connect to an SSH endpoint via DNS SRV records.
