{"id":20200400,"url":"https://github.com/nickjer/docker-vpn-client","last_synced_at":"2025-07-13T16:05:52.834Z","repository":{"id":70912312,"uuid":"98913909","full_name":"nickjer/docker-vpn-client","owner":"nickjer","description":"Simple VPN client in Docker container","archived":false,"fork":false,"pushed_at":"2022-04-11T18:09:55.000Z","size":4,"stargazers_count":13,"open_issues_count":1,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-03T08:45:32.166Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nickjer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-31T17:46:05.000Z","updated_at":"2024-11-25T14:34:36.000Z","dependencies_parsed_at":null,"dependency_job_id":"e034e603-15cc-481f-87d2-3f6ba1090454","html_url":"https://github.com/nickjer/docker-vpn-client","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/nickjer/docker-vpn-client","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjer%2Fdocker-vpn-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjer%2Fdocker-vpn-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjer%2Fdocker-vpn-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjer%2Fdocker-vpn-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nickjer","download_url":"https://codeload.github.com/nickjer/docker-vpn-client/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjer%2Fdocker-vpn-client/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265167496,"owners_count":23721455,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-14T04:43:32.665Z","updated_at":"2025-07-13T16:05:52.811Z","avatar_url":"https://github.com/nickjer.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker VPN Client\n\nDocker image for [OpenConnect](http://www.infradead.org/openconnect/) and\n[OpenVPN](https://openvpn.net/) that runs an [SSH](https://www.openssh.com/)\nserver for easy SSH port forwarding and SOCKS proxying.\n\n## Build with Docker\n\n```sh\ngit clone https://github.com/nickjer/docker-vpn-client.git\ncd docker-vpn-client\ndocker build --force-rm -t nickjer/docker-vpn-client .\n```\n\n## Install from Docker Hub\n\n```sh\ndocker pull nickjer/docker-vpn-client\n```\n\n## Usage\n\nThe docker container is launched with the SSH server started and your SSH key\ncopied to the `root` account:\n\n```sh\ndocker run \\\n  --rm \\\n  -i \\\n  -t \\\n  --privileged \\\n  --sysctl net.ipv6.conf.all.disable_ipv6=0 \\\n  -p 127.0.0.1:4444:22 \\\n  -e \"SSH_KEY=$(cat ~/.ssh/id_rsa.pub)\" \\\n  nickjer/docker-vpn-client\n```\n\nNote that we mapped the host port `4444` to the container's port `22`, but feel\nfree to change this.\n\nFrom here you will be placed inside the container as `root` in a shell process.\nYou will then use whatever VPN client you are familiar with to connect to your\nVPN server (may require logging in and two-factor authentication).\n\nFor example:\n\n```sh\nopenconnect \u003chost\u003e\n```\n\n### SSH Tunnel Example (from container to remote server)\n\n*Note: As your private SSH key does not reside in the container, this will only\nwork with remote SSH servers that you login with username/password.*\n\n1. Open a new terminal and `ssh` to the Docker container:\n\n   ```sh\n   ssh -o UserKnownHostsFile=/dev/null \\\n       -o StrictHostKeyChecking=no \\\n       -p 4444 root@localhost\n   ```\n\n   where we ignore the dynamic host SSH keys.\n\n2. From within the container we `ssh` to the host behind the VPN:\n\n   ```sh\n   ssh \u003cusername\u003e@\u003chost_behind_proxy\u003e\n   ```\n\n   and authenticate.\n\n### SSH Tunnel Example (through container to remote server)\n\n*Note: This method is preferred if you login using SSH public keys.*\n\n1. Open a new terminal and setup port forwarding to the SSH host behind the\n   VPN:\n\n   ```sh\n   ssh -o UserKnownHostsFile=/dev/null \\\n       -o StrictHostKeyChecking=no \\\n       -L 4445:\u003chost_behind_vpn\u003e:22 \\\n       -p 4444 root@localhost\n   ```\n\n   where we forward the local port `4445` to the SSH host behind the VPN.\n\n2. Now in **another terminal** you can connect to the SSH host behind the VPN:\n\n   ```sh\n   ssh -p 4445 \u003cuser\u003e@localhost\n   ```\n\n## Examples\n\n### SSH Config\n\nTo simplify connecting to the Docker container it is recommended you modify the\n`~/.ssh/config` file as such:\n\n```ssh\n# ~/.ssh/config\n\nHost vpn\n  StrictHostKeyChecking no\n  UserKnownHostsFile=/dev/null\n  User root\n  Hostname localhost\n  Port 4444\n```\n\nThen you can connect to the Docker container with:\n\n```sh\nssh vpn\n```\n\nor for port forwarding:\n\n```sh\nssh -L 4445:\u003chost_behind_proxy\u003e:22 vpn\n```\n\n### Wrapper Script\n\nIt is recommended to make a wrapper script around the Docker command to\nsimplify launching VPN clients. Create the script `~/bin/vpn-client` with:\n\n```sh\n#!/usr/bin/env bash\n\nexec \\\n  docker run \\\n    --rm \\\n    --interactive \\\n    --tty \\\n    --privileged \\\n    --sysctl net.ipv6.conf.all.disable_ipv6=0 \\\n    --publish \"127.0.0.1:${SSH_PORT:-4444}:22\" \\\n    --env \"SSH_KEY=${SSH_KEY:-$(cat ~/.ssh/id_rsa.pub)}\" \\\n    \"${@}\" \\\n    nickjer/docker-vpn-client\n```\n\nFollowed by setting the permissions:\n\n```sh\nchmod 755 ~/bin/vpn-client\n```\n\nThen run:\n\n```sh\nvpn-client\n```\n\n### Juniper Network Connect\n\nYou can connect to a Juniper network with:\n\n```sh\nopenconnect --juniper \u003cvpn_host\u003e\n```\n\n### OpenVPN Connect\n\nYou will need to bind mount your client configuration file into the container\nif you want to be able to connect to the VPN using it. For now lets use the\nwrapper script we created above:\n\n```sh\nvpn-client -v \"/path/to/client.ovpn:/client.ovpn\"\n```\n\nOnce inside the container we can connect to the VPN server using:\n\n```sh\nopenvpn --config client.ovpn\n```\n\n### Connect through Chrome\n\nYou can set up an SSH proxy with:\n\n```sh\nssh -o UserKnownHostsFile=/dev/null \\\n    -o StrictHostKeyChecking=no \\\n    -D 8080 \\\n    -p 4444 root@localhost\n```\n\nand connect to it with Chrome as:\n\n```sh\ngoogle-chrome \\\n  --user-data-dir=$(mktemp -d) \\\n  --proxy-server=\"socks://localhost:8080\" \\\n  --incognito\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjer%2Fdocker-vpn-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnickjer%2Fdocker-vpn-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjer%2Fdocker-vpn-client/lists"}