Containers can be entirely without anything. Some containers only contain the binary that gets executed. But many containers do contain pretty much a full distribution, but I have yet to see a container with a password hash in its /etc/shadow file…
So while the container has a root account, it doesn’t have any login at all, no password, no ssh key, nothing.
The containers will have a root login, but the ssh port won’t be open.
I doubt they even have a root user. Just whatever system packagea are required baked into the image
Containers can be entirely without anything. Some containers only contain the binary that gets executed. But many containers do contain pretty much a full distribution, but I have yet to see a container with a password hash in its /etc/shadow file…
So while the container has a root account, it doesn’t have any login at all, no password, no ssh key, nothing.