本次使用的是niruix/sshwifty,安装非常简单,首先创建sshwifty的配置文件:
mkdir /volume1/docker/sshwifty
vi /volume1/docker/sshwifty/sshwifty.conf.json
输入:
{
"Servers": [
{
"ListenInterface": "0.0.0.0",
"ListenPort": 8182,
"TLSCertificateFile": "",
"TLSCertificateKeyFile": ""
}
],
"OnlyAllowPresetRemotes": false
}
之后,打开IP:8182,就可以看到登陆界面了:
不过需要注意的是,登陆SSH需要用https,所以即使你通过IP:8082的方式打开了web页面,仍然无法连接SSH,一个简单的方式是通过内网穿透将8082映射出去,然后在穿透的服务器上做反代。具体不细讲。当然,安全起见,还是加上密码比较好: "SharedKey": "CHANGE_THIS_TO_A_LONG_RANDOM_STRING",
如果希望能够配置免密,则使用下面的,分两种,私钥登录和密码登录:
1、私钥登陆
首先将~/.ssh/id_ed25519.pub中的内容放到SSH服务器的~/.ssh/authorized_keys中,然后,将sshwifty.conf.json内容改为:
{
"SharedKey": "CHANGE_THIS_TO_A_LONG_RANDOM_STRING",
"Servers": [
{
"ListenInterface": "0.0.0.0",
"ListenPort": 8182,
"TLSCertificateFile": "",
"TLSCertificateKeyFile": ""
}
],
"OnlyAllowPresetRemotes": true,
"Presets": [
{
"Title": "NAS LOCAL",
"Type": "SSH",
"Host": "192.168.1.1:3",
"TabColor": "112233",
"Meta": {
"User": "ma",
"Encoding": "utf-8",
"Authentication": "Private Key",
"Private Key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNYWMB\n-----END OPENSSH PRIVATE KEY-----\n"
}
}
]
}
注意,Private Key中的内容来自~/.ssh/id_ed25519,回车要用\n表示。
2、密码登录
密码登录比较简单,改为下面的即可:
{
"SharedKey": "CHANGE_THIS_TO_A_LONG_RANDOM_STRING",
"Servers": [
{
"ListenInterface": "0.0.0.0",
"ListenPort": 8182,
"TLSCertificateFile": "",
"TLSCertificateKeyFile": ""
}
],
"OnlyAllowPresetRemotes": false,
"Presets": [
{
"Title": "NAS LOCAL",
"Type": "SSH",
"Host": "192.168.1.1:3",
"TabColor": "112233",
"Meta": {
"User": "ma",
"Password": "xxxxxxx",
"Authentication": "Password"
}
}
]
}
配置好文件之后,直接打开SSH,运行下面的命令即可创建:
docker run --detach --restart unless-stopped --publish 8182:8182 --name sshwifty -v /volume1/docker/sshwifty/sshwifty.conf.json:/etc/sshwifty.conf.json niruix/sshwifty:latest
