Can't ssh into linux container on Azure App Service - "SSH CONNECTION CLOSE - Error: connect ECONNREFUSED"

Question

I'm trying to ssh into a container for Azure app service. I have followed the instructions for configuring my container here:

https://learn.microsoft.com/en-gb/azure/app-service/containers/configure-custom-container#enable-ssh

and the instructions to connect here:

https://learn.microsoft.com/en-gb/azure/app-service/containers/app-service-linux-ssh-support

Here are the relevant steps in my docker file:

RUN apt-get update \ 
     && apt-get install -y --no-install-recommends dialog \
     && apt-get update \
     && apt-get install -y --no-install-recommends openssh-server \
     && echo "root:Docker!" | chpasswd 

EXPOSE 8000 2222

COPY sshd_config /etc/ssh/

CMD ./bin/start.sh

where start.sh starts runs service ssh start. The sshd_config file is

# This is ssh server systemwide configuration file.
#
# /etc/sshd_config

Port            2222
ListenAddress       0.0.0.0
LoginGraceTime      180
X11Forwarding       yes
Ciphers aes128-cbc,3des-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha1,hmac-sha1-96
StrictModes         yes
SyslogFacility      DAEMON
PasswordAuthentication  yes
PermitEmptyPasswords    no
PermitRootLogin     yes
Subsystem sftp internal-sftp

When I try and connect by ssh from the portal it first says "CONNECTED | CREDENTIALS" then after 30 seconds or so it says "SSH CONNECTION CLOSE - Error: connect ECONNREFUSED <ip>:2222"

Not sure why this is not connecting?

Lukasz Dynowski · Answer 1 · 2021-04-13T13:15:55.280

What fixed my error was to specified missing runtime directory that sshd requires. For debian Linux distor it I had to create /run/sshd directory. Another thing that was important is to start sshd daemon by full for me it was /usr/sbin/sshd

Dockerfile

FROM nginx:latest

RUN apt-get update && apt-get install -y ssh
RUN echo "root:Docker!" | chpasswd
RUN mkdir /run/sshd

WORKDIR /app
COPY startup.sh /app
COPY sshd_config /etc/ssh/

EXPOSE 80 2222

CMD /app/startup.sh

/app/startup.sh

#!/bin/sh

echo "Start sshd"
/usr/sbin/sshd

echo "Start nginx"
nginx -g "daemon off;"

sshd_config

Port                2222
ListenAddress       0.0.0.0
LoginGraceTime      180
X11Forwarding       yes
Ciphers aes128-cbc,3des-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha1,hmac-sha1-96
StrictModes         yes
SyslogFacility      DAEMON
PasswordAuthentication  yes
PermitEmptyPasswords    no
PermitRootLogin         yes
Subsystem sftp internal-sftp

To verify that you can ssh into container run this command

# Password: Docker!
$ ssh root@IP_OF_CONTAINER -p 2222

# Debug
ssh root@172.17.0.26 -p 2222 -vvvv

score 1 · Answer 2 · answered May 26 '20 at 09:24

1

Ok just got this to work it seemed putting #!/bin/bash was left out the top of start.sh

answered May 26 '20 at 09:24

itadvicehelpsdf

147
1
3
10

It's not related at all. – Lukasz Dynowski Apr 12 '21 at 14:37
You can change line CMD /app/startup.sh by CMD ["/usr/sbin/sshd","-D"] and delete /app/startup.sh it's not necesary. – Benjamin Oct 24 '22 at 23:40

Can't ssh into linux container on Azure App Service - "SSH CONNECTION CLOSE - Error: connect ECONNREFUSED"

2 Answers2

Linked