Docker Alpine Linux: ssh keeps asking for password

Suppose we are running an sshd Docker Alpine (3.11) container. Even if properly configured by installing an SSH public key for root, you may keep being prompted for the root password by sshing the container.

1 2 3 4

[jerome@jeroboam] > docker run -e 'SSH_PUBLIC_KEY="..." -it --rm -p 2223:22 --name ss-ussd-sshd ss-ussd/sshd [jerome@jeroboam] > ssh -p 2223 root@localhost Warning: Permanently added '[localhost]:2223' (ECDSA) to the list of known hosts. root@localhost's password:

Solution: can't config ssh service when i use alpine:3.9 #28
Root cause: CVE-2019-5021

Bottom line: add this command in the Dockerfile:

# make sure root login is disabled
RUN sed -i -e 's/^root::/root:!:/' /etc/shadow