Unable to ssh localhost within a running Docker container

Question

I'm building a Docker image for an application which requires to ssh into localhost (i.e ssh user@localhost)

I'm working on a Ubuntu desktop machine and started with a basic ubuntu:16.04 container. Following is the content of my Dockerfile:

FROM ubuntu:16.04

RUN apt-get update && apt-get install -y \
        openjdk-8-jdk \
        ssh && \
        groupadd -r custom_group && useradd -r -g custom_group -m user1

USER user1

RUN ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N "" && \
        cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

Then I build this container using the command:

docker build -t test-container .

And run it using:

docker run -it test-container

The container opens with the following prompt and the keys are generated correctly to enable ssh into localhost:

user1@0531c0f71e0a:/$ 
user1@0531c0f71e0a:/$ cd ~/.ssh/
user1@0531c0f71e0a:~/.ssh$ ls
authorized_keys  id_rsa  id_rsa.pub

Then ssh into localhost and greeted by the error:

user1@0531c0f71e0a:~$ ssh user1@localhost
ssh: connect to host localhost port 22: Cannot assign requested address

Is there anything I'm doing wrong or any additional network settings that needs to be configured? I just want to ssh into localhost within the running container.

I guess you choose wrong package name ie. ssh instead of openssh-server — Rupesh, May 31 '17 at 06:35
Do you use IP v6? Try `ssh -4 -v` to add verbose and force IP v4 — user2915097, May 31 '17 at 06:35
Hi @rups I changed 'ssh' to 'openssh-server', still plagued by the same error :\ — Akshay, May 31 '17 at 06:43
Hi @user2915097, I added the flags to the command and got: `user1@4117512c2196:/$ ssh -4 -v user1@localhost OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 22. debug1: connect to address 127.0.0.1 port 22: Connection refused debug1: Connecting to localhost [127.0.0.1] port 22. debug1: connect to address 127.0.0.1 port 22: Connection refused ssh: connect to host localhost port 22: Connection refused ` — Akshay, May 31 '17 at 06:45
Hi @rups, thank you for your suggestion. The ssh service wasn't started. I added an ENTRYPOINT command to start the service. Thank you so much — Akshay, May 31 '17 at 07:04

Yordan Georgiev · Answer 1 · 2019-06-27T12:47:14.337

First you need to install the ssh server in the image building script:

RUN sudo apt-get install -y openssh-server

Then you need to start the ssh server:

RUN sudo /etc/init.d/ssh start

or probably even in the last lines of the Dockerfile ( you must have one binary instantiated to keep the container running ... )

 USER root
 CMD [ "sh", "/etc/init.d/ssh", "start"]

on the host than

# init a container from an the image
run -d --name my-ssh-container-name-01 \
    -v /opt/local/dir:/opt/container/dir my-image-01

score 4 · Answer 2 · answered Oct 19 '17 at 16:23

4

As @user2915097 stated in the OP comments, this was due to the ssh instance in the container was attempting to connect to the host using IPv6. Forcing connection over IPv4 using -4 solved the issue.

$ docker run -it ubuntu ssh -4 user@hostname

answered Oct 19 '17 at 16:23

sshow

8,820
4
51
82

Can we set SSH to use IPV4 as default? – Raptor0009 Nov 21 '20 at 15:17
@Raptor0009 yes, with the option `AddressFamily inet`. Can be passed using `ssh -o`. See `man ssh` and `man ssh_config` for details. – sshow Nov 21 '20 at 18:58

Gabe Gates · Answer 3 · 2021-08-16T15:33:26.067

1

For Docker Compose I was able to add the following to my .yml file:

network_mode: "host"

I believe the equivalent in Docker is:

--net=host

Documentation:

https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode

https://docs.docker.com/network/#network-drivers

host: For standalone containers, remove network isolation between the container and the Docker host, and use the host’s networking directly. See use the host network.

edited Aug 16 '21 at 15:33

answered Jun 26 '19 at 19:44

Gabe Gates

902
1
14
19

@M.Liver I added a few documentation links, but I believe by default docker does not open itself to the environment running the container for example your localhost. This configuration opens it up to allow communnication. – Gabe Gates Aug 16 '21 at 15:35

score 0 · Answer 4 · answered Jan 16 '23 at 06:06

I also faced this error today, here's how to fix it:

If(and only if) you are facing this error inside a running container that isn't in production. Do this:

docker exec -it -u 0 [your container id here] /bin/bash

then when you entered the container in god mode, run this:

service ssh start

then you can run your ssh based commands.

Of course it is best practice to do it in your Dockerfile before all these, but no need to sweat if you are not done with your image built process just yet.

Unable to ssh localhost within a running Docker container

4 Answers4

Documentation: