added log to allow external fail2ban

build/Dockerfile

@@ -4,7 +4,9 @@ RUN apk add --no-cache \
   openssh-server-pam \
   bash \
   rsync \
-  shadow
+  moreutils \
+  shadow \
+  tzdata
 
 COPY get_pub_keys.sh update_users.sh run_ssh_box.sh /usr/local/sbin/
 CMD bash /usr/local/sbin/run_ssh_box.sh

build/run_ssh_box.sh

@@ -59,4 +59,8 @@ echo "$NAME" > /etc/motd
 
 update_users.sh
 
-"/usr/sbin/sshd" "-D" "-e" "-f" "/etc/ssh/sshd_config"
+touch /var/ssh-box/sshd.log
+chmod 0600 /var/ssh-box/sshd.log
+"/usr/sbin/sshd" "-D" "-e" "-f" "/etc/ssh/sshd_config" 2>&1 | \
+  ts "%b %d %H:%M:%S $HOSTNAME sshd[$$]:" | \
+  tee -a /var/ssh-box/sshd.log

docker-compose.yaml

@@ -13,6 +13,7 @@ services:
       - USR=${USR}
       - NAME=${NAME}
       - GRP=${GRP}
+      - TZ=${TZ}
     restart: unless-stopped
 
 

example-env

@@ -2,3 +2,4 @@ USR=1000
 GRP=1000
 EXPOSE=22222
 NAME=BOX NAME
+TZ=Europe/Copenhagen