@elena Ok, that might explain it, thanks for the reply.
SSH with keys and local Docker socket should be sufficient precaution 
Again, good luck!
undefined
Tomáš Odehnal
@def@hachyderm.io
Post
-
️ my adventures in #selfhosting: day 249 (mind of a #newbie edition) 🧠
-
️ my adventures in #selfhosting: day 249 (mind of a #newbie edition) 🧠
@elena Thanks for the write-up Ele and best of a luck with your containerization journey! While it might be a bit tricky sometimes, once you get more familiar with containers, you will like it (at least I do .)
To the OVH incident - I don't believe it was the keys. Having them present in the root dir shouldn't do harm, unless they would be accessible from outside. Which I don't think was the case if the only thing you did was install docker, make it internet accessible and secure the socket with certs.
Anyway, using SSH (either directly from docker client or via tunneling) might be preferable as you won't expose docker to internetz at all.