MENU

Make data-driven decisions and reduce the time to investigate security and operational issues. Want to know how?         Learn more. (/resources/essential-things-to-

consider-when-buying-a-siem.html)

()

DNIF DOCUMENTATION

Getting Started (/docs/guides/getting-started/index.html)

Community (/docs/dnif-community.html)

Subscribe
Get Support (/docs/contact-support.html)

DNIF Query Language (/docs/learn/DQL/index.html)

DNIF Data Model (/docs/explore/DDM/index.html)

Tutorials (/docs/guides/tutorials/index.html)

INTEGRATION

Webserver (/docs/integration/web-servers/index.html)

Frameworks (/docs/integration/frameworks/index.html)

Operating System (/docs/integration/operating-systems/index.html)

Firewall (/docs/integration/Firewall/index.html)

Proxy Server (/docs/integration/proxy-servers/index.html) 

IDS (/docs/integration/intrusion-detection-systems/index.html)
/
 IPS (/docs/integration/intrusion-prevention-systems/index.html)
MENU
Router (/docs/integration/routers/index.html)

Network Access Control (/docs/integration/network-access-control/index.html)

Switch (/docs/integration/switches/index.html)

VPN (/docs/integration/virtual-private-networks/index.html)

Gateway Device (/docs/integration/gateways/index.html)

Hypervisor (/docs/integration/hypervisors/index.html)

Application (/docs/integration/applications/index.html)

DHCP (/docs/integration/dhcp/index.html)

DNS (/docs/integration/dns/index.html)

Database (/docs/integration/database/index.html)

Subscribe
MTA (/docs/integration/mta/index.html)

DOCS (/DOCS) / GUIDES (/DOCS/GUIDES) / TUTORIALS (/DOCS/GUIDES/TUTORIALS) / ACCESS DNIF CONTAINER VIA SSH

ACCESS DNIF CONTAINER VIA SSH

Similar to any NIX server, the DNIF container also allows a user to login using SSH on a custom ssh (tcp/826) port. However, this is only possible
from the host machine.

LOGIN TO YOUR DNIF CONTAINER

The rst step is to login to the DNIF container.

Open a terminal window on your host machine and ssh using the root user to the mapped ssh port i.e. tcp/826


/
 MENU
$ssh root@localhost -p 826

Next, you shall get a prompt to enter you password where you have to enter the password as : tSV67BZ7bJKnme4

A new bash prompt should open up for you. This signi es that you now have access within the container. You can check out the console output
below, which describes all the required commands to execute in sequence and their corresponding outputs:

root >docker-compose up -d
Creating comp-dnif-a10
root >ssh root@localhost -p 826
root@localhost's password:
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.10.0-35-generic x86_64)

Subscribe
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by

applicable law.

root@host:~#


UNDERSTANDING THE CONNECTION BETWEEN HOST MACHINE AND DOCKER CONTAINER

/
Docker container uses port 826 of the host machine. The host machine in turn connects over default SSH port 22 with the docker container viaMENU
ssh
port 826.

Subscribe
The recommended method to connect to your docker container is:

First connect to the host machine via ssh port 22

Then connect to the container via the host machine to ssh port 826 (see diagram above)

CHANGE THE LOGIN PASSWORD OF DOCKER CONTAINER

You can also change the password for the container, but it will only be effective till the container is reset/restarted. Once the container is reset or
restarted, then the container login password shall change back to the default password tSV67BZ7bJKnme4 as per the original con guration.

CHANGING DEFAULT SSH PORT OF THE CONTAINER



/
We can’t change the Docker container SSH port, as port 826 is exposed during compilation of the container. If anyone changes SSH port from the
MENU
sshd_con g le, the port shall change but the user will be unable to login, as the port is unexposed.

SECURING SSH CONNECTION

Subscribe


/
 MENU

Subscribe

For a secured connection it is recommended to set UFW ( Unix Firewall ) rules to only allow authorised IP addresses to connect to Docker port 826
on host machine. This rule shall deny un-authorized accesses to the Docker. You can execute the queries below :-
/
 MENU
$ufw default allow incoming
$ufw deny in on eth0 to any port 826 proto tcp

Note : Where ‘eth0’ is the name of your NIC card.

$ufw enable

Output :-

Subscribe


/
 MENU
root@dnif:/home/dnif/docker-compose/ATEN# ufw default allow incoming
Default incoming policy changed to 'allow'
(be sure to update your rules accordingly)

root@dnif:/home/dnif/docker-compose/ATEN# ufw deny in on enp0s3 to any port 826 proto tcp

Rules updated
Rules updated (v6)

root@dnif:/home/dnif/docker-compose/ATEN# ufw enable

Command may disrupt existing ssh connections. Proceed with operation (y|n)? Y
Firewall is active and enabled on system startup

root@dnif:/home/dnif/docker-compose/ATEN# ufw status

Subscribe
Status: active

To Action From
-- ------ ----
826/tcp on enp0s3 DENY Anywhere
826/tcp (v6) on enp0s3 DENY Anywhere (v6)

Need more than just text help? Watch a walkthrough video for accessing your Docker container below :

/
 MENU
Access DNIF Container via SSH

Subscribe
REQUEST A DEMO

See what makes us different. Book a personalized demo and see DNIF in action.


/
First Name *
MENU

Last Name *

Business Email *

Company Name *

Subscribe
Phone Number*

Anything speci c you are looking for?

SET UP MY DEMO

ABOUT DNIF 

/
Who We Are (/about-us.html) MENU
Partners (/partners.html)

Careers (/careers.html)

Release Timeline (/dnif-release-timeline.html)

PRODUCT

How It Works (/how-it-works.html)

Features (/features.html)

Pricing (/pricing.html)

SOAR Integrations (/integrations.html)

Subscribe
Contact Support (/docs/contact-support.html)

SOLUTIONS

Next Gen SIEM (/solutions/siem-security-information-and-event-management.html)

Log Management (/solutions/log-management.html)

Security Analytics (/solutions/security-analytics.html)

Security Automation (/solutions/security-orchestration-automation-and-response.html)

LEARN


/
Blogs (/blogs.html) MENU
Resources (/resources.html)

Community Forum (https://stack.dnif.it)

Documentation (/docs/index.html)

SIEM Guide (/siem-security-information-event-management-guide.html)

SOAR Guide (/soar-security-orchestration-automation-response-guide.html)

CALL US

India: 1800-123-3643 (tel:1800-123-3643)

USA: +1-571-777-3260 (tel:+1-571-777-3260)

Subscribe
(/INDEX.HTML)

©2018 DNIF. All rights reserved. O ce Locations - USA: 2570 N. First Street 2nd Floor, San Jose, CA 95131, +1-571-777-3260, India: 2nd Floor, Reliable House, Kanjur Marg (w), Mumbai 400078, IN, Phone: 1800-123-3643

Careers (/careers.html) - License Agreement (/user-license-agreement.html) - Media Kit (/downloads/Media Kit.zip)

 (https://www.facebook.com/dnifHQ/)  (https://twitter.com/dnifHQ)  (https://youtube.com/c/dnifhq)