GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects ā†’ ensody ā†’ ssh-agent-inject

ensody / ssh-agent-inject

Licence: MIT license
[Note: Not needed with VS Code anymore.] Forwards the host's ssh-agent into a Docker container on Windows and macOS hosts.

Programming Languages

go
31211 projects - #10 most used programming language
shell
77523 projects
Dockerfile
14818 projects

Labels

windowsmacoslinuxdockersshcross-platformosxdocker-containervscodessh-keyssh-agentssh-agent-forwardingopenssh-clientvscode-remote

Projects that are alternatives of or similar to ssh-agent-inject

Awesome Ssh
šŸ’» A curated list of SSH resources.
Stars: āœ­ 1,742 (+8610%)
Mutual labels:  ssh-key, ssh-agent
sshecret
I can keep a SSHecret
Stars: āœ­ 56 (+180%)
Mutual labels:  ssh-agent, ssh-agent-forwarding
The-Learning-Documentation-Project
This documentation is about the new learning(s) and issue(s) resolvings on different aspects of academic, professional and personal thoughts. It includes(or/with links): Research topics(& resources), Programming(issues and code), Advanced Linux commands, Networking commands, bash script command utilization, Linux packages(& scripts), Machinine lā€¦
Stars: āœ­ 27 (+35%)
Mutual labels:  ssh-key, ssh-agent
wsl-agent-bridge
WSL compatibility bridge for ssh-agent on Windows
Stars: āœ­ 17 (-15%)
Mutual labels:  ssh-key, ssh-agent
win-gpg-agent
[DEPRECATED] Windows helpers for GnuPG tools suite
Stars: āœ­ 214 (+970%)
Mutual labels:  ssh-agent, ssh-agent-forwarding
graphsense-dashboard
A web dashboard for interactive cryptocurrency analysis.
Stars: āœ­ 84 (+320%)
Mutual labels:  docker-container
ssh-agent
A shell script that loads ssh-agent and keys into each terminal session of a workstation
Stars: āœ­ 15 (-25%)
Mutual labels:  ssh-agent
docker-tcp-switchboard
Launch a fresh docker container per SSH connection
Stars: āœ­ 44 (+120%)
Mutual labels:  docker-container
cryptorious
CLI Password Manager
Stars: āœ­ 15 (-25%)
Mutual labels:  ssh-key
yupe-docker
Yupe! CMF in Docker containers
Stars: āœ­ 15 (-25%)
Mutual labels:  docker-container
strider-docker-runner
Strider runner that uses Docker
Stars: āœ­ 33 (+65%)
Mutual labels:  docker-container
irsync
rsync on interval, via command line binary or docker container. Server and IOT builds for pull or push based device content management.
Stars: āœ­ 19 (-5%)
Mutual labels:  docker-container
dockervel
Laravel development environment in Docker containers
Stars: āœ­ 30 (+50%)
Mutual labels:  docker-container
pycroft
The new AG DSN management system
Stars: āœ­ 16 (-20%)
Mutual labels:  docker-container
dockermutillidae
Docker container for OWASP Mutillidae II Web Pen-Test Practice Application
Stars: āœ­ 64 (+220%)
Mutual labels:  docker-container
dockerfiles
A collection of Docker recipes.
Stars: āœ­ 31 (+55%)
Mutual labels:  docker-container
hot-reload
Hot reload development for Go
Stars: āœ­ 72 (+260%)
Mutual labels:  docker-container
docker-elk-stack
The ELK stack Docker containerization (Elasticsearch, Logstash and Kibana)
Stars: āœ­ 20 (+0%)
Mutual labels:  docker-container
sshame
brute force SSH public-key authentication
Stars: āœ­ 43 (+115%)
Mutual labels:  ssh-key
knime-docker
KNIME Analytics Platform & SDK with Docker Container in X11 desktop
Stars: āœ­ 19 (-5%)
Mutual labels:  docker-container
View All Similar Projects āž”

ssh-agent-inject

Build Status

Forwards the host's ssh-agent into a Docker container. This is especially useful when working with the Visual Studio Code Remote - Containers extension and Git repos cloned via SSH.

Why this is needed

While you can bind-mount the SSH_AUTH_SOCK from a Linux host, this is not possible from a macOS or Windows host. Also, none of the existing solutions is cross-platform and easy. The recommended solution is to copy the SSH key from the host to the container, but then you have to manually add the key (assuming you've setup ssh-agent within the container) and enter the password within the container.

With ssh-agent-inject you can skip those annoyances and simply reuse your host's ssh-agent.

Usage

Download ssh-agent-inject for your platform. Make sure ssh-agent-inject runs in the background or just launch it on-demand.

Add the following to your Dockerfile:

ENV SSH_AUTH_SOCK=/tmp/.ssh-auth-sock
LABEL com.ensody.ssh-agent-inject=

Alternatively, you can run an arbitrary container directly:

docker run -e SSH_AUTH_SOCK=/tmp/.ssh-auth-sock -l com.ensody.ssh-agent-inject ...

Note that this project is itself using ssh-agent-inject with VS Code (see .devcontainer/).

How it works

This project consists of two applications that communicate through stdio: ssh-agent-inject and ssh-agent-pipe which is embedded within the ssh-agent-inject binary (that's why you don't see it in the release archive).

The ssh-agent-inject command runs on the host and

  • watches Docker for containers having the com.ensody.ssh-agent-inject label
  • copies the embedded ssh-agent-pipe binary into those containers
  • runs ssh-agent-pipe within each container via docker exec
  • connects to the host's ssh-agent (one connection per container)
  • forwards the host's ssh-agent to ssh-agent-pipe via stdio

The ssh-agent-pipe command runs in the container and

  • listens on a UNIX socket at $SSH_AUTH_SOCK
  • handles parallel connections on that UNIX socket
  • serializes all socket<->stdio communication (handles one request-response pair at a time)

The apps communicate via stdio because this keeps the attack surface small and makes it easier to ensure that nobody else can connect to your ssh-agent (assuming you can trust the Docker container, of course).

Building

All required dependencies are contained in a Docker image defined in .devcontainer/, which can be automatically used with Visual Studio Code (or manually via Docker build & run). That way your host system stays clean and the whole environment is automated, exactly defined, isolated from the host, and easily reproducible. This saves time and prevents mistakes (wrong version, interference with other software installed on host, etc.).

Run ./build.sh to build binaries for all platforms.

Releasing

  • Update CHANGELOG.md.
  • Add a tag (e.g. git tag v1.2.3) and push it.
  • The CI system will deploy a draft release to GitHub.
  • Edit the release description and publish it.

Note: Only tags that look like a version number and start with "v" will be deployed to GitHub.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].