Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow use of ssh-agent instead of mounting SSH key #15

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Allow use of ssh-agent instead of mounting SSH key #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
eaac836
Allow use of ssh-agent instead of mounting SSH key
dw-ec Jun 7, 2023
cebb881
Add note about SSH_AUTH_SOCK forwarding
dw-ec Jun 7, 2023
e1535c5
Simplify documentation for ssh-agent forwarding
dw-ec Jun 27, 2023
6da4627
Remove extraneous newline
dw-ec Jun 27, 2023
8a1122b
Change local auth sock parameter to be more cross-platform
dw-ec Jul 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,23 @@ jujhars13/docker-ssh-tunnel
mongo --host localhost --port 27017
```

## Forwarding ssh-agent socket

Mounting your private ssh key doesn't work if it's protected by a passphrase. Instead you can forward your ssh-agent via SSH_AUTH_SOCK, by mounting the special (seemingly non-existent) socket /run/host-services/ssh-auth.sock within the container, and setting the environment variable appropriately.

Use the following options with the `docker run` command above to enable this:

```
-e SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock \
-v ${SSH_AUTH_SOCK}:/run/host-services/ssh-auth.sock \
```

You can omit the following option:
```
-v ~/.ssh/id_rsa:/ssh_key/id_rsa:ro \
```


## TODO

- [x] add example `docker-compose.yml` to `/examples`
Expand All @@ -76,4 +93,4 @@ mongo --host localhost --port 27017
## Version

- 2022-08-11 - `v1.8` - Removes Bash, Bumps Alpine to `v3.16`
- 2021-09-12 - `v1.8` - Bumps Alpine to `v3.15`
- 2021-09-12 - `v1.8` - Bumps Alpine to `v3.15`
6 changes: 5 additions & 1 deletion run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ fi

echo "starting SSH proxy $LOCAL_PORT:$REMOTE_SERVER_IP:$REMOTE_PORT on $SSH_USER@$SSH_BASTION_HOST:$SSH_PORT"

if [ -z ${SSH_AUTH_SOCK+x} ] ; then
SSH_IDENTITY=" -i /ssh_key/id_rsa"
fi

/usr/bin/ssh \
-NTC -o ServerAliveInterval=60 \
-o GatewayPorts=true \
Expand All @@ -32,4 +36,4 @@ echo "starting SSH proxy $LOCAL_PORT:$REMOTE_SERVER_IP:$REMOTE_PORT on $SSH_USER
-L $LOCAL_PORT:$REMOTE_SERVER_IP:$REMOTE_PORT \
$SSH_USER@$SSH_BASTION_HOST \
-p $SSH_PORT \
-i /ssh_key/id_rsa
${SSH_IDENTITY:-}