Ssh – How to limit access from host to docker container


I am new to docker. I setup a container which run a web application at port 3333. it works well.

By default we could access container bash from host without password. I share the host machine with other users so I wanna set password or ssh key when access the container from host to prevent others from accessing my container.

Is it possible?

Best Answer

With the default docker engine, it's all or nothing per user. Any user with access to docker on a host effectively has root access on that host (they can start a docker container with a host volume mounted to / and change anything they wish). User access is controlled by either group permissions (the docker group) for unix sockets and the fd that uses systemd, or by client TLS certificates if you setup TLS and configure the daemon to listen on 2376.

For more configurability, I'd recommend looking at products like Universal Control Plane that adds Role Based Access Control.