how to let docker container work with sshuttle?
Normally, setting 0.0.0.0
entails listening on externally available interfaces, and this is also the case with sshuttle .
A more secure approach would be the following - on your host:
- launch your "normal"
sshuttle
instance, listening on localhost, - launch another
sshuttle
instance, listening on your docker host's virtual network interface.
For example:
sshuttle --dns -r <your-ssh-server> 0/0sshuttle -l 172.17.0.1 --dns -r <your-ssh-server> 0/0
Note that this will interfere with host <-> container communication (such as port binding), but it will allow for secure outside connections for your containers (you can further help yourself with excluding Docker's subnet, e.g. with -x 172.17.0.0/24
).