Open thery-dh opened 1 year ago
thery-dh
commented
1 year ago Also noting a quick workaround for whoever is stuck on this until it gets fixed, list the key you want configured in your lando file under keys, for example:
keys:
- id_rsa
deviantintegral
commented
6 months ago Your workaround above didn't work for me unfortunately. I noticed you're using orbstack, and I'm using colima. I tested with Docker Desktop and then the keys workaround did work (I have an id_ed25519 and only that one was added).
However, the permissions and user mappings are the same in docker desktop as orb, so I'm not fully sure what's going on here:
Docker Desktop:
-rw------- 1 www-data dialout 3434 Apr 17 17:28 id_rsaColima:
-rw------- 1 www-data www-data 3434 Apr 17 17:28 id_rsaI expect this will be fixed if https://github.com/lando/lando/issues/3388 is.
Issue summary Upon building and starting new containers, ssh keys from the host located in ~/.ssh correctly get mounted under /user/.ssh however they are not configured in the container's ssh_config file by the script: load-keys.sh. -> This means that ssh will by default look for keys under the wrong location.
Apparent cause After some debugging I noticed that load-keys.sh expect to be run by the
rootuser and only load keys owned by $LANDO_WEBROOT_USER, which by default isuser. However, mounted keys automatically get assigned ownership of the current user. This can be reproduced by runningls -la /user/.sshas both user and root. Example: Result asroot:Result as
user:Fix suggestion Replace the following line with
readarray -t RAW_LIST < <(find "$SSH_DIR" -maxdepth 1 -not -name '*.pub' -not -name 'known_hosts' -type f)to prevent a user check which seems pointless since the SSH_CANDIDATE will be assigned correct permissions and ownership further down the same script.Happy to make a PR if that helps.
Current config for reference:
Project specific config:
Container:
Alpine Linux v3.18