Timeline for answer to Using SSH keys inside docker container by Aistis
Current License: CC BY-SA 4.0
Post Revisions
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 14, 2024 at 22:00 | comment | added | Christian | Another note: this won't working for building your docker image because volumes (and env, I think?) are attached after the image has been built. | |
| Dec 27, 2023 at 22:10 | comment | added | paoloose | under what permissions should I mount the ssh auth socket? | |
| Feb 28, 2023 at 12:38 | comment | added | jaques-sam | This doesn't seem to work for WSL for some reason :( | |
| S Mar 30, 2022 at 10:00 | history | suggested | nnunes | CC BY-SA 4.0 |
Make it clear that suggested approach is not exclusive to Docker Compose.
|
| Mar 27, 2022 at 23:18 | review | Suggested edits | |||
| S Mar 30, 2022 at 10:00 | |||||
| Mar 6, 2022 at 7:23 | comment | added | Rafał G. | @AndyRay We mount $SSH_AUTH_SOCK in the container. This path has some random elements and will change after reboot, so the path will no longer be valid. Maybe we could set $SSH_AUTH_SOCK on the host to a fixed path (just like we do in the container), but I guess it's semi-random for a reason, so I'd be cautious. | |
| Mar 4, 2022 at 22:11 | comment | added | Andy Ray |
@RafałG. can you expand on why it won't work in the container? I don't understand - if the ssh agent is forwarded to the host, and the key is available to the host, why doesn't the container get to use the key? I have to ssh-add -k to make the container be able to ssh
|
|
| Aug 4, 2021 at 19:12 | comment | added | Rafał G. | Actually, the next day after applying this solution I wasn't able to start my container. As it turned out, the agent socket changed and it was could no longer be mounted in the container. I downed and upped the service and was able to start the container again, but the agent no longer worked inside it. So I'm back with mounting ~/.ssh in the container instead. | |
| Aug 2, 2021 at 19:46 | comment | added | Rafał G. | I think it's worth pointing out that with this solution you'll get an error in the container if you try using SSH before the key you need is added to the agent on the host. It makes sense, you decided to allow SSH access without putting any keys in the container, but it might not be entirely intuitive to someone who's not familiar with the problem you wanted to solve, so it might be a good idea to document it somewhere. | |
| Mar 26, 2021 at 14:00 | comment | added | Nadir Sidi |
This works great! I did have to define the environment variable like SSH_AUTH_SOCK=/ssh-agent versus as-written in the answer. With the colon I got an error that my variable wasn't a string.
|
|
| Mar 22, 2020 at 0:19 | comment | added | Jakub Kukul |
ssh-forwarding is now also supported on macOS hosts - instead of mounting the path of $SSH_AUTH_SOCK, you have to mount this path - /run/host-services/ssh-auth.sock.
|
|
| Mar 5, 2018 at 14:09 | comment | added | JuanPablo |
more details about SSH_AUTH_SOCK blog.joncairns.com/2013/12/understanding-ssh-agent-and-ssh-add
|
|
| Dec 16, 2016 at 10:35 | comment | added | Aistis |
SSH_AUTH_SOCK is a variable, which contains a path to a ssh-agent
|
|
| Aug 11, 2016 at 14:07 | comment | added | Joe Shaw | Just a note that this doesn't work for Mac hosts, whether using docker-machine (via VirtualBox) or Docker for Mac (which uses xhyve) because the unix domain sockets aren't proxied. | |
| Jul 7, 2016 at 6:14 | history | edited | Aistis | CC BY-SA 3.0 |
added 47 characters in body
|
| Apr 15, 2016 at 13:24 | history | answered | Aistis | CC BY-SA 3.0 |