Closed junze-smg closed 11 months ago
Hi! If you don't use the default osx ssh-agent, you can remap its socket to the yubikey-agent socket with a launch agent like this:
$ cat ~/Library/LaunchAgents/link-ssh-auth-sock.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>link-ssh-auth-sock</string>
    <key>ProgramArguments</key>
    <array>
        <string>/bin/sh</string>
        <string>-c</string>
        <string>/bin/ln -sf /usr/local/var/run/yubikey-agent.sock $SSH_AUTH_SOCK</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
Then force it to launch with launchctl load -F ~/Library/LaunchAgents/link-ssh-auth-sock.plist
and run the docker container:
$ docker run -ti --rm -v /run/host-services/ssh-auth.sock:/ssh-agent -e SSH_AUTH_SOCK="/ssh-agent" <image>
So the /run/host-services/ssh-auth.sock socket in the docker virtual machine points to the default osx ssh-agent, which is linked to the yubikey-agent socket.
https://github.com/docker/for-mac/issues/4242#issuecomment-822027581
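A check to run on the host after loading the launch agent above, as an added example that is not part of the original comment: it confirms that the path in SSH_AUTH_SOCK is a symlink to the yubikey-agent socket named in the plist and that the target is a live socket you own, before that socket is exposed to a container. The function name and return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original comment).
# check_agent_link LINK EXPECTED
#   LINK     - path the launch agent rewrites (normally "$SSH_AUTH_SOCK")
#   EXPECTED - socket the link should point at (the yubikey-agent socket)
# Return codes (chosen for this example):
#   0 ok, 1 LINK is not a symlink, 2 LINK points somewhere else,
#   3 target is not a socket, 4 target is not owned by the current user
check_agent_link() {
    link=$1
    expected=$2

    # The launch agent runs `ln -sf`, so LINK must be a symlink. If it is
    # still a socket, the default ssh-agent is answering, not yubikey-agent.
    [ -L "$link" ] || return 1

    # `ln -sf` stores the target verbatim, so one level of readlink is enough.
    target=$(readlink "$link")
    [ "$target" = "$expected" ] || return 2

    # A dangling link or a regular file means yubikey-agent is not listening.
    [ -S "$target" ] || return 3

    # Whatever is mounted into the container can request signatures from the
    # agent, so refuse a socket that belongs to a different user.
    [ -O "$target" ] || return 4

    return 0
}

# Usage on the host, with the socket path taken from the plist above:
#   check_agent_link "$SSH_AUTH_SOCK" /usr/local/var/run/yubikey-agent.sock \
#       || echo "agent link check failed with code $?"
```

A non-zero code before `docker run` tells you which step of the setup did not take effect.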
Hi, thanks for the great agent. I've been using it on my Mac without a problem! However, recently I need to use the Yubikey-agent inside a docker container because we need to ssh to a remote machine inside the container, but we'd like to have everyone use their own local ssh setup, i.e. yubikey-agent on my Mac. Setting up the environment SSH_AUTH_SOCK inside the container to the agent socket on my host machine with proper mounting didn't work. I also saw other ways to mount the special path /run/host-services/ssh-auth.sock to the container, but it didn't work out either. Do you have any suggestions on how to use this agent inside a docker container? Thanks!