Hi Evgeny,

We need to allow users to log in using their UNIX credentials (via LDAP) and run terminal sessions as their OS user. Because web-terminal works over the SuperServer port, even if we used LDAP auth at that level, their processes would run as the user associated with the SuperServer service, so it does not fit our security model. We will look at it, because it may have some limited usefulness in some contexts, but probably not in production.

Thanks for sharing the dockerfile.

Sounds like installing sshd in the container is the way to go.

I gather this is a relatively uncommon use case.

Thanks for your time.

Are you suggesting end users ssh into the docker host and have access to run docker commands? That would presumably grant them administrative access to do anything to or in any container as any user.

I am specifically asking about unprivileged end user terminal access to the terminal session as their own user id.