# SSH Gateway Docker Compose Installation ## Introduction Soffid allows you to deploy a new docker container with the **ssh gateway**. The configuration is similar to the sync server configuration, the main difference is the ssh container is listening in ssh. ## Prerequisites The SSH Service is only released as a docker service. 1. Install docker ([https://docs.docker.com/install/](https://docs.docker.com/install/)) 2. Install docker compose ([https://docs.docker.com/compose/install/](https://docs.docker.com/compose/install/)) 3. Install Soffid PAM (store container and launcher container)

You can visit the [PAM Jump Server Installation page](https://bookstack.soffid.com/books/pam-install-config/page/pam-jump-server-installation-u6p) for more information about how to install PAM

## Installation The steps required to install SSH container are: ### 1. Create a user We need to create a user in the pam store container. To do this, we need to connect to the store container. ```shell sudo docker exec -it soffid-pam-store /bin/bash ``` Once, we are connected to the container, we need to run a script to create the user. This script has two parameters, the user name, and the role. We have to type launcher in the role parameter ```shell root@soffid-pam-store:/# /opt/soffid/tomee/bin/add-user.sh proxyssh-user launcher Password: c4ZRcmgemq3nMr1VQJCD1pJRhPbdX5hrmmrP6RX7zBE4HSs3RV3+cGwDdL1WaaqZ root@soffid-pam-store:/# ``` As a result of the script, we receive the password for the created user. This password will be needed later when we create the container. ### 2. Execute the YAML ```yaml version: '3.8' services: ssh-gateway: image: soffid/pam-ssh:1.4.47 environment: SOFFID_SERVER: https://syncserver01.soffid.com:1760 SOFFID_USER: soffidUser SOFFID_PASS: SoffidPassword SOFFID_HOSTNAME: ssh-gateway STORE_SERVER: https://soffid-pam-store:8443 STORE_PASSWORD: c4ZRcmgemq3nMr1VQJCD1pJRhPbdX5hrmmrP6RX7zBE4HSs3RV3+cGwDdL1WaaqZ STORE_USER: proxyssh-user ports: - "2222:22" networks: - network volumes: - ssh-gateway-data:/opt/soffid/iam-sync/conf networks: network: name: netcompose driver: bridge volumes: ssh-gateway-data: name: compose-ssh-gateway-data ``` Execute: ```shell sudo docker compose up -d ``` #### Environment Variables To create the new SSH container you need to set the following environment variables:
**Variable****Description****Example**
SOFFID\_SERVER Sync Server URL https://syncserver01.soffid.com:1760
SOFFID\_USER Soffid user to join the security domain admin
SOFFID\_PASSWORD Soffid user password \*\*\*\*\*\*\*\*\*
SOFFID\_HOSTNAME The hostname used to access the ssh gateway ssh-gateway
STORE\_SERVER Store URL http://soffid-pam-store:8080
STORE\_PASSWORD Password received when you created the user in the store container. \*\*\*\*\*\*\*\*\*\*\*\*
STORE\_USER Store user proxyssh