* New base-image: debian:buster-slim

* Smaller Image Footprint (169MB -> 116MB)
* Remove support for the hmac-ripemd160 MAC (OpenSSH 7.9p1)
This commit is contained in:
nold 2018-11-12 15:04:21 +01:00
parent 5e5031e828
commit ae2f6c90ef
2 changed files with 11 additions and 9 deletions

View file

@ -2,7 +2,7 @@
# Dockerfile to build borgbackup server images
# Based on Debian
############################################################
FROM debian:latest
FROM debian:buster-slim
# Volume for SSH-Keys
VOLUME /sshkeys
@ -12,11 +12,14 @@ VOLUME /backup
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get -y --no-install-recommends install borgbackup openssh-server && apt-get clean
RUN useradd -s /bin/bash -m borg ; \
mkdir /home/borg/.ssh && chmod 700 /home/borg/.ssh && chown borg: /home/borg/.ssh ; \
mkdir /run/sshd
RUN rm -f /etc/ssh/ssh_host*key* ; \
RUN apt-get update && apt-get -y --no-install-recommends install \
borgbackup openssh-server && apt-get clean && \
useradd -s /bin/bash -m borg && \
mkdir /home/borg/.ssh && \
chmod 700 /home/borg/.ssh && \
chown borg: /home/borg/.ssh && \
mkdir /run/sshd && \
rm -f /etc/ssh/ssh_host*key* && \
rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/*
COPY ./data/run.sh /run.sh

View file

@ -17,7 +17,7 @@ LogLevel INFO
#LogLevel DEBUG
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
@ -29,6 +29,5 @@ AllowTcpForwarding no
X11Forwarding no
PermitTTY no
PrintMotd no
UsePrivilegeSeparation sandbox
PermitTunnel no
Subsystem sftp /bin/false