Skip to content

RatioPBC/sftp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
gcs_get_secret
gcs_get_secret
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
gcs_entrypoint
gcs_entrypoint
 
 
sshd_tail_log
sshd_tail_log
 
 

Repository files navigation

sftp

SFTP service image with audit logs and gcsfuse that descends from atmoz/sftp.

Goals:

  1. Run on Compute Engine with persistent backend
  2. Audit log all user activity to STDOUT for view in Logging
  3. Use SSH host key stored in Secret Manager

Added packages:

Changed configuration:

  • use imuxsock rsyslog module for shared log socket in chroots - ripped from aptible/docker-sftp
  • comment out imklog rsyslog module
  • symlink /usr/sbin/rsyslogd in to /etc/sftp.d/
  • add -l INFO to sftp options for audit logging

Added scripts:

  • /gcs_entrypoint - writes SSH host key files from env vars then execs original entrypoint. This script is set as the image ENTRYPOINT.
  • /usr/local/sbin/sshd_tail_log - links shared log socket into each user chroot, runs /usr/sbin/sshd, tails /var/log/auth.log to STDOUT. This script is set as the image CMD.

About

SFTP docker image descendant of atmoz/sftp with audit logging and gcsfuse

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages