Based on sickp/alpine-sshd with root password disabled.
Using the "Authorized Keys" example, but intended that authorised keys are passed as a docker config or secret bound to
/root/.ssh/authorized_keys, i.e. in swarm mode.
If the key isn't provided, you're left with random authorised keys and no password access which is.... not very useful.
Example "stack" (if a single container can be called a stack) at example.yml, though you'd probably want some other containers doing something.