ssh-agent in a container.
Run a long-lived container named ssh-agent. This container declares a volume that hosts the agent's socket so that other invocations of the ssh client can interact with it.
docker run -d --name=ssh-agent whilp/ssh-agent:latest
Run a temporary container which has access to both the volumes from the long-lived ssh-agent container as well as a volume mounted from your host that includes your SSH keys. This container will only be used to load the keys into the long-lived ssh-agent container. Run the following command once for each key you wish to make available through the ssh-agent:
docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/ssh -it whilp/ssh-agent:latest ssh-add /ssh/<host_key_file_name>
The error "Host key verification failed" is common if known_hosts is not set up. Hosts such as github.com or bitbucket.org will require host key validation. Follow this step to copy any known_hosts from your host to the ssh-agent.
docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/ssh -it whilp/ssh-agent:latest cp /ssh/known_hosts /root/.ssh/known_hosts
Now, other containers can access the keys via the ssh-agent by setting the SSH_AUTH_SOCK environment variable.
docker run --rm -it --volumes-from=ssh-agent -e SSH_AUTH_SOCK=/root/.ssh/socket ubuntu /bin/bash -c "apt-get update && apt-get install -y openssh-client && ssh-add -l"
Test the optional known_hosts configuration (assuming you followed step 3 above and have GitHub keys set up):
docker run --rm -it --volumes-from=ssh-agent -e SSH_AUTH_SOCK=/root/.ssh/socket ubuntu /bin/bash -c "apt-get update && apt-get install -y openssh-client && ssh -T git@github.com"
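A preflight check that a consuming container can run before relying on the shared agent, telling apart a missing socket, an agent with no keys loaded, and an agent that does not answer. This is an added example, not part of the whilp/ssh-agent project; the function names are hypothetical, and the socket path is whatever SSH_AUTH_SOCK is set to (/root/.ssh/socket in the commands above).

```shell
#!/bin/sh
# Added example (not project code). Function names are hypothetical.
# Usage inside a consuming container's entrypoint:  check_agent || exit 1

# Translate the exit status of `ssh-add -l` into a readable diagnosis.
# Per ssh-add(1): 0 = success, 1 = command failed (for -l: the agent has
# no identities), 2 = unable to contact the authentication agent.
describe_ssh_add_status() {
    case "$1" in
        0) echo "ok: agent reachable and holding at least one key" ;;
        1) echo "empty: agent reachable but no keys loaded (repeat the ssh-add step)" ;;
        2) echo "unreachable: socket present but no agent is answering on it" ;;
        *) echo "unknown: unexpected ssh-add exit status $1" ;;
    esac
}

# Return 0 when the agent is usable, 1 when it is empty, 2 when it is
# unreachable, 3 when the socket is not available, 4 when ssh-add is absent.
check_agent() {
    sock="${SSH_AUTH_SOCK:-}"
    if [ -z "$sock" ]; then
        echo "missing: SSH_AUTH_SOCK is not set"
        return 3
    fi
    # -S is true only for a socket; a stale regular file or empty mount fails here.
    if [ ! -S "$sock" ]; then
        echo "missing: $sock is not a socket (was --volumes-from=ssh-agent passed?)"
        return 3
    fi
    if ! command -v ssh-add >/dev/null 2>&1; then
        echo "missing: ssh-add not found (install openssh-client)"
        return 4
    fi
    # Capture the status without tripping `set -e` in the calling script.
    status=0
    ssh-add -l >/dev/null 2>&1 || status=$?
    describe_ssh_add_status "$status"
    return "$status"
}
```
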
This approach is tested with: