Additional users after openssh-server installation

aristosv · 29 September 2020 12:43

I want to use the openssh-server container as an sftp server and saw that the first user can be added during installation using:

-e USER_NAME=username
-e USER_PASSWORD=password

What is the correct way of configuring additional users after the container has been installed?

Thanks

aptalca · 29 September 2020 15:06

It was designed for a single user access. For multiple users, you can run multiple containers. It’s what I do. That way, I can have different access settings and volume mappings for each user.

abkich · 4 December 2021 11:04

Hello. Found this old thread that raised the same question I have. I love the openssh container but running on NAS behind firewall with sslh used to redirect incoming requests between this container for ssh and web server for ssl. I can’t find a good way to further redirect to different containers based on user so figured I’d come here and bring up this question again. Recognizing this container is designed for single user access, is there any way to set it up for multiple user access, or request a version of the container that will support it? I am relatively familiar with linux based systems, but am a docker / alpine / linuxserver newbie. I have been able to use standard commands and the configuration script to create a new user with home directory, and can log in or switch directly to that user in the container itself (connecting via docker exec), and the SSHD service will authenticate the user but appears unable to actually switch to that user after authentication, so even just understanding how the container is set up to restrict access to a single user would help (does not appear to be thorugh sshd configuration from what Ic an tell?) Thank you!

aptalca · 4 December 2021 13:21

No. You can set up a separate container for each user.

km0201 · 10 December 2021 07:11

You could set up wetty (if you don’t mind using a browser tab)… and it will prompt you for a username if you set it up correctly…

version:  "2"
services:
     wetty:
        image: svenihoney/wetty:latest
        container_name: wetty
        environment:
            - REMOTE_SSH_SERVER=your.server.ip
            - REMOTE_SSH_PORT=22
        volumes:
            - /etc/localtime:/etc/localtime:ro
        ports:
            - 3000:3000
        restart:  unless-stopped

Simply adjust “REMOTE_SSH_SERVER” variable to your IP (and port if needed)… and deploy. Open a browser tab to your-ip:3000 and you’ll be prompted for a username.

It’s also very easy to reverse proxy through swag rather than exposing a port on your router, if you need remote access.