I am starting to host a server in the clouds and have learned that you need to take quite some measures to securing such a server and though following this guide would be a fair start.
Now I am wondering how to apply those measures to a container that will be living inside of the cloud server.
Especially the question about ssh access, the role of root, etc is something I don’t quite know what to make of as a container by default behaves quite different then a ‘normal’ (ubuntu) server. You enter into the root account without any sort of password, i.e.
I think I won’t need direct ssh access to the container get in via the cli of the host via the
lxc exec command just fine. So, maybe disabling ssh inside a container altogether may be an option.
On the other hand … my containers will be connect to the outside world via a proxy device (port80, port443) as per this thread.
The more I write, the more I realize how little I understand of the matter. So a container specific howto as the one mentioned above would be ideal. Is there anything out there?