4

When using

CMD ["/usr/sbin/sshd", "-D"]

in a Dockerfile, docker logs does not show the logging:

cat > Dockerfile.stdout <<EOF
FROM alpine:latest
RUN    apk add --no-cache openssh-server \
    && mkdir /var/run/sshd \
    && ssh-keygen -A
CMD ["/usr/sbin/sshd", "-D"]
EOF

docker build -f Dockerfile.stdout -t sshd-stdout .

docker run --name sshd-stdout -d sshd-stdout

docker logs sshd-stdout
<empty>

Docker host is CentOS:

cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

Docker logging backend is journald:

grep ^OPTIONS /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'

I also tried using json as a logging backend, without success.

How do I 'forward' the logging correctly?


As suggested by @marioavs, '-e' is necessary. I have tried '-e' and '-D', but not both at the same time. So:

cat > Dockerfile.stdout <<EOF
FROM alpine:latest
RUN    apk add --no-cache openssh-server \
    && mkdir /var/run/sshd \
    && ssh-keygen -A
CMD ["/usr/sbin/sshd", "-D", "-e"]
EOF
Willem
  • 157
  • 4
  • 13

1 Answers1

5

Use -e command-line option to forward all messages to standard error (from sshd docs):

-e Write debug logs to standard error instead of the system log.

I found a good example in the following Docker file:

simple alpine based SSHD server

marioavs
  • 66
  • 1
  • 3
  • 1
    Hi @marioavs (and sorry for late reply). I have tried '-e', but without '-D'. Combining both works. Thanks! – Willem Jun 19 '19 at 06:05