Skip to content

Container Image Details

Debian 12 (Bookworm)

Registry: ghcr.io/jackaltx/testing-containers/debian-ssh:12

Base Image

  • Upstream: debian:12
  • Release: Bookworm (stable)
  • Architecture: amd64/x86_64
  • Package Manager: apt/dpkg

Installed Packages

  • python3 (3.11+), openssh-server, systemd, sudo
  • vim, wget, git, tmux, iproute2, python3-pip

Key Paths

  • SSH config: /etc/ssh/sshd_config
  • systemd: /lib/systemd/system/
  • Python: /usr/bin/python3

Default Services

  • ssh.service (enabled)
  • All others: distribution defaults

Rocky Linux 9

Registry: ghcr.io/jackaltx/testing-containers/rocky-ssh:9

Base Image

  • Upstream: rockylinux:9
  • Release: Rocky Linux 9.x
  • Architecture: x86_64
  • Package Manager: dnf/yum

Installed Packages

  • python3 (3.9+), openssh-server, systemd, sudo
  • vim, wget, git, tmux, iproute, python3-pip

Key Paths

  • SSH config: /etc/ssh/sshd_config
  • systemd: /usr/lib/systemd/system/
  • Python: /usr/bin/python3

Default Services

  • sshd.service (enabled)
  • All others: distribution defaults

Ubuntu 24.04 LTS

Registry: ghcr.io/jackaltx/testing-containers/ubuntu-ssh:24

Base Image

  • Upstream: ubuntu:24.04
  • Release: Noble Numbat (LTS)
  • Architecture: amd64
  • Package Manager: apt/dpkg

Installed Packages

  • python3 (3.12+), openssh-server, systemd, sudo
  • vim, wget, git, tmux, iproute2, python3-pip

Key Paths

  • SSH config: /etc/ssh/sshd_config
  • systemd: /lib/systemd/system/
  • Python: /usr/bin/python3

Default Services

  • ssh.service (enabled)
  • All others: distribution defaults

Common Configuration

User Account

  • Username: jackaltx
  • UID: Varies by distribution
  • Home: /home/jackaltx
  • Shell: /bin/bash
  • Groups: jackaltx, sudo (Debian/Ubuntu) or wheel (Rocky)

SSH Configuration

Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
AllowUsers jackaltx
MaxAuthTries 3
LoginGraceTime 60
AllowAgentForwarding no

Sudo Configuration

jackaltx ALL=(ALL) NOPASSWD: ALL
Defaults timestamp_timeout=15
Defaults logfile=/var/log/sudo.log
Defaults use_pty

Security Settings

  • umask 027
  • TMOUT=900 (session timeout)
  • Secure PATH enforced
  • SSH host keys generated at build time

Image Sizes

Approximate compressed sizes:

Image Compressed Uncompressed
debian-ssh:12 ~50 MB ~150 MB
rocky-ssh:9 ~85 MB ~250 MB
ubuntu-ssh:24 ~55 MB ~170 MB

Update Schedule

  • Monthly: Rebuild with OS security updates
  • Quarterly: Review for deprecated packages
  • Yearly: Evaluate new distribution versions

Registry Information

Primary: GitHub Container Registry (ghcr.io) - Public access - No authentication required for pull - Rate limits: Standard GitHub limits

Alternative: Can be self-hosted on Gitea or other registries

Verification

Verify image integrity:

# Check image digest
podman inspect ghcr.io/jackaltx/testing-containers/debian-ssh:12 \
    | jq '.[0].Digest'

# Verify SSH works
podman run -d --name verify -p 2222:22 --privileged \
    -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
    ghcr.io/jackaltx/testing-containers/debian-ssh:12 /sbin/init

sleep 5
ssh -p 2222 jackaltx@localhost 'echo "Success!"'
podman rm -f verify