Che: Cannot SSH to WS via Putty

What base image do you use? Custom environment? SSHD should be running in all Che verified stacks.

Below is my Dockerfile it is based on base image from:
https://github.com/codenvy/dockerfiles/blob/master/centos_jdk8/Dockerfile

FROM centos
EXPOSE 4403 8080 8000 22 8081 8005 
RUN yum update -y && \
    yum -y install sudo openssh-server procps wget unzip mc git curl subversion nmap && \
    mkdir /var/run/sshd && \
    sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd && \
    echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
    useradd -u 1000 -G users,wheel -d /home/user --shell /bin/bash -m user -p secret && \
    sed -i 's/requiretty/!requiretty/g' /etc/sudoers

USER user

LABEL che:server:8080:ref=tomcat8 che:server:8080:protocol=http che:server:8000:ref=tomcat8-debug che:server:8000:protocol=http

ENV MAVEN_VERSION=3.2.2 \
    JAVA_VERSION=8u45 \
    JAVA_VERSION_PREFIX=1.8.0_45 \
    TOMCAT_HOME=/home/user/tomcat8

ENV JAVA_HOME=/opt/jdk$JAVA_VERSION_PREFIX \
    M2_HOME=/opt/apache-maven-$MAVEN_VERSION

ENV PATH=$JAVA_HOME/bin:$M2_HOME/bin:$PATH

RUN mkdir /home/user/tomcat8 && sudo mkdir /opt/apache-maven-$MAVEN_VERSION && \
  wget \
  --no-cookies \
  --no-check-certificate \
  --header "Cookie: oraclelicense=accept-securebackup-cookie" \
  -qO- \
  "http://download.oracle.com/otn-pub/java/jdk/$JAVA_VERSION-b14/jdk-$JAVA_VERSION-linux-x64.tar.gz" | sudo tar -zx -C /opt/ && \
  sudo wget -qO- "https://archive.apache.org/dist/maven/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz" | sudo tar -zx --strip-components=1 -C /opt/apache-maven-$MAVEN_VERSION/

ENV TERM xterm

RUN wget -qO- "http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.24/bin/apache-tomcat-8.0.24.tar.gz" | tar -zx --strip-components=1 -C /home/user/tomcat8 && \
    rm -rf /home/user/tomcat8/webapps/*
USER root
RUN  echo -e "JAVA_HOME=/opt/jdk$JAVA_VERSION_PREFIX\nM2_HOME=/home/user/apache-maven-$MAVEN_VERSION\nTOMCAT_HOME=/home/user/tomcat8\nPATH=$JAVA_HOME/bin:$M2_HOME/bin:$PATH" >> /etc/environment
USER user
ENV LANG C.UTF-8

WORKDIR /tmp

RUN wget \
    --no-check-certificate \
    --no-cookies \
    --header "Cookie: oraclelicense=accept-securebackup-cookie" \
    -qO- \
    "http://download.oracle.com/otn-pub/java/jdk/7u75-b13/jdk-7u75-linux-x64.tar.gz" | sudo tar -zx -C /opt/ 

ADD https://console.cloud.google.com/m/cloudstorage/b/gciassets/o/liferay-portal-tomcat-6.1.1-ce-ga2.zip  /tmp

RUN sudo wget -qO- "http://www.us.apache.org/dist/ant/binaries/apache-ant-1.9.7-bin.tar.gz" |sudo tar -zx -C /opt/

ENV ANT_HOME = /opt/apache-ant-1.9.6\
    PATH=$ANT_HOME/bin:$PATH

USER root
RUN  ln -s /opt/apache-ant-1.9.6/bin/ant /usr/bin/ant

USER user
WORKDIR /tmp

RUN sudo wget -qO- "http://nodejs.org/dist/v0.12.0/node-v0.12.0-linux-x64.tar.gz" | sudo tar -zx -C /opt/
ENV NODE_HOME=/opt/node-v0.12.0-linux-x64 \
    PATH=$NODE_HOME/bin:$PATH  
USER root   
RUN  ln -s /opt/node-v0.12.0-linux-x64/bin/node /usr/bin/node &&\
     ln -s /opt/node-v0.12.0-linux-x64/lib/node /usr/lib/node &&\
     ln -s /opt/node-v0.12.0-linux-x64/bin/npm /usr/bin/npm &&\
     ln -s /opt/node-v0.12.0-linux-x64/bin/node-waf /usr/bin/node-waf

USER user
CMD sudo /usr/sbin/sshd -D && \
    tail -f /dev/null

Also, when trying to get sshd status from IDE terminal I get:

[root@82b343648704 tmp]# systemctl status sshd                                                                                                                                                 
Failed to get D-Bus connection: Operation not permitted

update, I used :

CMD ["/usr/sbin/sshd", "-D"]
CMD    ["tail", "-f", "/dev/null"]

I now get :
ssh: connect to host xx.xx.xx.xx port 32869: Connection refused

What about a workspace started from a ready to go stack? Say a Java one?

reproduced on:

but could not reproduce it on :

where can I find the Ready-To-Go-Stacks Dockerfiles?

Yes, looks like this particular stack has troubles with sshd. I'll take a look.

Also, it seems the selenium stack doesnt configure JAVA_HOME

This one does not have java at all. I'll update the image to add Java and Maven.

any other CentOS Dockerfile you know works?
or maybe which lines to add to my own?

Investigating now...

any hint? I'm building a POC for my team....

Password approach isn't the best one in terms of security. It is a temporary solution and we will replace all hardcoded passwords with smth like PASS=$(openssl rand -base64 32) && echo -e "${PASS}\n${PASS}" | passwd user.

If you are ok with having password in your Dockerfile, here's what fixes it:

1. Drop -p when creating a user
2. Just after creating a user add echo -e "codenvy2016\ncodenvy2016" | passwd user - centos requires password that is 8 characters minimum and is not based on a dictionary word.
3. Your CMD should look like this:

CMD sudo /usr/bin/ssh-keygen -A && \
         sudo /usr/sbin/sshd -D && \
         tail -f /dev/null

So, if I'm using SSH keys I should be able to connect with the the Dockerfile provided, no changes?

Yes, but you need to upload your public key at Help > Preferences > Machine

OK, I'll test both methods and update

ok, ssh keys method connects.
I think I'll pass the user/pass method