Docker

1237 readers

1 users here now

founded 2 years ago

MODERATORS

[email protected]

Portainer via SSH? (lemm.ee)

submitted 3 weeks ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Over the week I've been dealing with the Kinsing virus via Docker on my VPS. I've been learning about it and I've come to find I've been thinking about Docker all wrong with the way that I was using it.

I enjoy using Portainer, so that's a must for me. I know Docker allows you to secure Docker sockets via context; docker context create vps --docker "host=ssh://user@vps".

I would like to use this method, via Portainer (locally) to connect to docker (remote) via SSH. Anyone know of a way to do this? I've been looking around and haven't found much.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 3 weeks ago

Yeah, granted it's a niche situation.

I think I've found a medium, though. I ended up setting Portainer agent on my VPS, and I've disallowed connections to everyone on that port but my IP via ufw; ufw allow from x.x.x.0/24 to any port 9001. I would still prefer to do it via SSH to hide behind the protocol and identity keys, but this will have to do. It doesn't seem like the Portainer devs even care about an issue like this, which is pretty fucked up because by default all docker systems exposed to the internet (unless you know what you're doing) are vulnerable to Kinsing.