How to SSH from a Docker Container to Docker Host or IP
Looking for a way to connect from a Docker Container to an IP or a DNS/hostname? Look no further! This short step-by-step tutorial got you covered for both Linux and Windows machines.
I had an issue the other day where I needed to SSH from a Docker container to my Docker host and several other IPs because I was doing some Ansible testing from within a container to the servers.
The problem I needed to debug was that the container was not using my SSH keys to authenticate the clients... I solved that 😅 However, I thought a short tutorial for how to SSH from a Docker container to an IP or a Docker Host would be useful here at DevOps Space. 🐋
So what are we going to do? 😎
- Install the OpenSSH Server at our Docker Host or the client we would like to SSH to.
- Spin up a Docker container using Ubuntu and install an OpenSSH Client inside it.
- SSH from the Docker container to the Docker host using the hostname provided by Docker (only Desktop Desktop) or simply the IP of the host (Docker on Linux).
If you are ready then let's get started. 🚀
I will be doing this on my Windows Desktop, but I will show you how to do it using both the hostname and the IP as Docker Desktop supports that. Alright, let's move on! ✌️
Install OpenSSH on the Docker Host Machine
We need to make sure that we have an OpenSSH Server installed and ready to accept incoming connections from other machines.
Install OpenSSH Server on Windows
The installation of OpenSSH is a bit more complicated on Windows than Linux, but let's see how we can do it.
Microsoft has written a very detailed guide for how to get started with OpenSSH on Windows. You can read that on the link below. If you prefer to stick with DevOps Space, please see my short PowerShell tutorial below.
To install OpenSSH using PowerShell, run PowerShell as an Administrator. To make sure that OpenSSH is available, run the following cmdlet.
Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
The command should return the following output if neither is already installed.
Name : OpenSSH.Client~~~~0.0.1.0
State : NotPresent
Name : OpenSSH.Server~~~~0.0.1.0
State : NotPresent
Then, install the server component.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
The result of that command will look like the following output in the PowerShell window.
Path :
Online : True
RestartNeeded : False
To start and configure your OpenSSH Server for initial use, open an elevated PowerShell prompt (right click, Run as an administrator), then run the following commands to start the sshd service
.
# Start the sshd service
Start-Service sshd
# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'
# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}
Perfect, your Windows Machine where Docker is running, is now ready to accept SSH connections. ✌️
Installing OpenSSH Server on Linux
This is a bit more straightforward than installing an OpenSSH Server on Windows. Open your terminal on your Linux host and run the following commands.
sudo apt update
sudo apt install openssh-server
Great, now that the OpenSSH Server has been installed, we are ready to start the server. Run the following command in your terminal.
sudo service ssh start
IMAGE HERE
Now let's check the status of our OpenSSH Service to make sure it running. Run the following command in your terminal.
sudo service ssh status
You should have an output similar to the following.
IMAGE HERE
Let's verify that our SSH service works as expected by connecting to localhost
using our own credentials. Run the below command in your terminal and verify that you can connect using SSH on your local machine.
ssh <your-username>@localhost
IMAGE HERE
Awesome! Our SSH server is ready to accept incoming connections. 😎
Running an Ubuntu Docker Container
As I mentioned at the early beginning of this tutorial, we will spin up a Ubuntu Docker Container.
To do this and make it interactive, run the following command in your terminal.
docker run -it --name DevOpsSpace-Ubuntu --hostname devopsspace-ubuntu ubuntu bash
It should do the following if you don't have the latest image of ubuntu locally. Else it will just boot the container and give you the bash from the container.
As you can see we are not able to perform commands as root from our Docker Container running Ubuntu.
Installing OpenSSH Client in Ubuntu Docker Container
To perform SSH operations from our container, we will need to use apt
to install the openssh-client
in the container. To do this run the following commands in the terminal where we are connected to the container.
apt update
apt install openssh-client
Great! Now the OpenSSH Client has been installed and we are able to perform SSH connections from the container to the host running Docker. Let's explore the connection options.
- If you are using Docker Desktop on either Mac or Windows, you can connect using the following DNS name:
host.docker.internal
. - If you are on Linux, you would have to use the default Docker IP:
172.17.0.1
to connect to your Docker Host.
Here are the examples of both methods.
# Connect to DNS name
ssh <docker-host-username>@host.docker.internal
# Connect to IP
ssh <docker-host-username>@172.17.0.1
So let's connect using the DNS option first. I have a space in my username on my Windows account (I know it's stupid, but that's how Windows configured my account from MS Online).
When I enter my password for the Windows account and sign in using SSH, I will get the following from my Windows machine running the Docker Host.
Let's try using the IP of Docker Host. This could be any IP that we can reach in our network. The Docker environment on my Windows Machine is a bit different from the defaults, but I think it is OK for this example, as it shows you can use any IP.
Awesome! Everything seems to work as intended, high-five to you! 🥳✋ You can now connect to any IP or DNS name in your network from your Docker Container.
Summary
In this step-by-step tutorial on how to connect to any IP or your Docker Host using DNS/IP, you learned how to install an OpenSSH server on both Windows and Linux.
We also took a quick look at how we can spin up a new Docker container running Ubuntu and how we were able to install packages using apt in the container.
If you have any questions or suggestions for this tutorial, please let me know in the comments below. Until next time, happy Dockerizing and Engineering! ✌️
Software Used In This Tutorial
Here is a list of the software we have used in this tutorial.