SSH to Docker: Permission denied (publickey)

Question

I'm running a docker container and want to ssh to it using emacs' tramp package. I can use docker exec -it containername bash successfully. But I just want to use my emacs to do configure work. I've already exposed containers' port 22 to localhost port 22.

By the way, I do have id_rsa in my .ssh folder.

However, even I use ssh -p 22 dwolf@localhost it still doesn't work. The log is as following:

OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/spacegoing/.ssh/config
debug1: /Users/spacegoing/.ssh/config line 26: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /Users/spacegoing/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/spacegoing/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4+deb7u3
debug1: match: OpenSSH_6.0p1 Debian-4+deb7u3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'dwolf'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:w7Y3BsQ1xof3U5cohsL5y9ctWvgNaTuXdbDFwQtE+Gc
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /Users/spacegoing/.ssh/known_hosts:26
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Answer 1

These three lines:

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa
debug1: Authentications that can continue: publickey

Show that you are offering a public key, but it is being rejected; you are not in the authorized_keys file of the target host.

To copy your public key into the docker image, you can use this oneliner, of course, there are many other ways of copying your key into the machine.

dd if=~/.ssh/id_rsa.pub | docker exec -it containername dd of=~/.ssh/authorized_keys

As it was pointed out however, your containers should be as small as possible, and ideally do not even need their own SSH servers; but again, everybody's use case is different.

this command will overwrite any existing authorized keys on the target