I’d opt for the container solution too as it doesn’t touch system packages.
The rootless container is working and it’s possible to connect to the local system SSH by using the IP 10.0.0.1. The container SSH port is 2222 by default.
For testing I installed Scratchpad from the Nethforge repo via Software Center.
Open firewall port:
firewall-cmd --permanent --add-port=2222/tcp
firewall-cmd --reload
Enter scratchpad:
runagent -m scratchpad1
Create directories:
mkdir -p pubkeys config
Run the container:
podman run -d \
--name=openssh-server \
--hostname=openssh-server \
--network=pasta:--map-guest-addr,10.0.0.1 \
-e PUID=$(id -u) \
-e PGID=$(id -g) \
-e TZ=Etc/UTC \
-e PUBLIC_KEY_DIR=/pubkeys \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_NAME=sshuser \
-e USER_PASSWORD=password \
-e LOG_STDOUT=true \
-p 2222:2222 \
-v ./config:/config:z \
-v ./pubkeys:/pubkeys:z \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:10.2_p1-r0-ls218
Adapt sshuser and password to your needs.
After the first start, the config files are created in the ./config directory.
Public keys can be put in the ./pubkeys directory.
For more information about the configuration see linuxserver/openssh-server - Docker Image.
The OpenSSH container logs are shown in the scratchpad1 logs.
Now it should be possible to connect to the OpenSSH container:
ssh -p 2222 sshuser@NS8Host
To connect to the local system SSH from inside the OpenSSH container:
ssh user@10.0.0.1
To remove this testing environment it’s enough to remove Scratchpad via Software Center and remove the firewall port:
firewall-cmd --permanent --remove-port=2222/tcp
firewall-cmd --reload
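
Added example, not part of the original post: a pre-flight check for the ./pubkeys directory that decides whether PASSWORD_ACCESS can be set to false for the container above. The function names lint_pubkey_dir and password_flag are hypothetical, and the check assumes the image treats every file in PUBLIC_KEY_DIR as a plain public key file (one key per line, no authorized_keys options).

```shell
#!/bin/sh
# Added example (not from the original post): lint the pubkeys directory
# before switching the container to key-only login.

# Accepted public key line: "<type> <base64> [comment]" (OpenSSH key type names).
KEY_RE='^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-ssh-ed25519@openssh\.com|sk-ecdsa-sha2-nistp256@openssh\.com) [A-Za-z0-9+/]+=*( .*)?$'

# lint_pubkey_dir DIR
# Prints one line per problem. Returns 0 only if DIR holds at least one key
# and nothing but well-formed public key lines.
lint_pubkey_dir() {
    dir=$1; bad=0; keys=0
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 2; }
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # A private key dropped here by mistake would be readable in the container.
        if grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f"; then
            echo "PRIVATE KEY in $f"; bad=1; continue
        fi
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in ''|'#'*) continue ;; esac
            if printf '%s\n' "$line" | grep -Eq "$KEY_RE"; then
                keys=$((keys + 1))
            else
                echo "malformed line in $f"; bad=1
            fi
        done < "$f"
    done
    [ "$keys" -gt 0 ] || { echo "no public keys in $dir"; bad=1; }
    return "$bad"
}

# password_flag DIR
# Prints the value to pass as PASSWORD_ACCESS: "false" only when the key
# directory is clean, so a bad directory cannot lock the user out.
password_flag() {
    if lint_pubkey_dir "$1" >/dev/null; then echo false; else echo true; fi
}
```

With these functions loaded in the scratchpad shell, the run command can take `-e PASSWORD_ACCESS=$(password_flag ./pubkeys)` in place of the fixed `true`.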