nuodb/ssh-agent

By nuodb

Updated about 6 years ago

Docker ssh-agent lets you run ssh-agent and ssh client commands in a container.


Supported tags and respective Dockerfile links

Quick reference

What is ssh-agent?

Docker ssh-agent lets you run ssh-agent and ssh client commands in a container. You mount and register keys in the container using ssh-add, and those credentials persist for as long as the container is running. Once the container exits, the keys are automatically destroyed.

The benefit of using the container is that it provides host access within clusters whose nodes are on a private network, namely access to private nodes in Kubernetes clusters (managed or otherwise) running on Amazon, Azure, or Google.

For more information, please see:


How to use this image

Running the container with no arguments starts an ssh-agent process with typical Linux settings.

Environment Variables

The container exposes the following environment variables, and default values:

  • SSH_DIR /.ssh
  • SOCKET_DIR /.ssh-agent
  • SSH_AUTH_SOCK ${SOCKET_DIR}/socket
  • SSH_AUTH_PROXY_SOCK ${SOCKET_DIR}/proxy-socket

Volumes

The container exposes VOLUME ${SOCKET_DIR}, the directory that holds the Unix domain socket associated with the ssh-agent; this socket may be shared between containers in order to run the ssh-add command.

Run a long-lived container named ssh-agent

To run an ssh-agent in Docker:

docker run -d --name=ssh-agent continuul/ssh-agent

To run an ssh-agent in a Kubernetes cluster:

$ kubectl apply -f pod.yaml
pod/ssh-agent created

$ kubectl get pods
NAME                        READY     STATUS    RESTARTS   AGE
ssh-agent                   1/1       Running   0          5s

Add your ssh keys

To add your ssh keys to a running container, simply mount the same volume provided by the ssh-agent container, and run the ssh-add command:

docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/root/.ssh -it nuodb/ssh-agent \
    ssh-add /root/.ssh/id_rsa

In Kubernetes the commands are slightly different:

$ kubectl cp ~/.ssh/id_rsa_azure ssh-agent:/id_rsa_azure
$ kubectl exec -it ssh-agent -- /bin/bash
bash-4.4# ssh-add id_rsa_azure 
Identity added: id_rsa_azure (user@myhost)

List your keys

In raw Docker:

docker run --rm -it --volumes-from=ssh-agent -e SSH_AUTH_SOCK=/.ssh-agent/socket ubuntu \
    /bin/bash -c "apt-get update && apt-get install -y openssh-client && ssh-add -l"

Or in Kubernetes:

$ ssh-add -l
4096 askjhjk34h25243jk5kjhasfhj you@mylaptop (RSA)
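
The Docker steps above (start the agent, add a key, list keys) combined into one script that also checks the loaded key's fingerprint against the local public key and tears the agent down afterwards. This is an added example, not part of the image's own documentation; the function names, the script name, the key path and the `/key` mount point are assumptions.

```bash
#!/bin/sh
# Added example: load one key into the agent container, verify it, tear down.
# Assumed: image name from this page's pull command, the container name used
# above, and a key at ~/.ssh/id_rsa with its .pub file beside it.
IMAGE="${IMAGE:-nuodb/ssh-agent}"
AGENT="${AGENT:-ssh-agent}"
KEY="${KEY:-$HOME/.ssh/id_rsa}"

# Print the fingerprint column (field 2) of `ssh-keygen -l` / `ssh-add -l` output.
fingerprints() { awk 'NF >= 2 { print $2 }'; }

# Succeed only if fingerprint $1 is in the `ssh-add -l` listing read from stdin.
agent_has_key() { fingerprints | grep -Fxq -- "$1"; }

# Run ssh-add -l in a throwaway container sharing the agent's socket volume.
list_keys() {
  docker run --rm --volumes-from="$AGENT" "$IMAGE" ssh-add -E sha256 -l
}

load_and_verify() {
  want=$(ssh-keygen -E sha256 -lf "$KEY.pub" | fingerprints)
  [ -n "$want" ] || return 1
  docker run -d --name="$AGENT" "$IMAGE" >/dev/null || return 1
  # Mount only the one key, read-only, rather than the whole ~/.ssh directory.
  docker run --rm -it --volumes-from="$AGENT" -v "$KEY:/key:ro" "$IMAGE" \
    ssh-add /key || return 1
  # Confirm the key we meant to load is now in the agent.
  list_keys | agent_has_key "$want"
}

# Removing the container and its socket volume discards the loaded keys.
teardown() { docker rm -f -v "$AGENT" >/dev/null; }

# Only touch Docker when invoked as: ./agent-key.sh run (hypothetical file name)
if [ "${1:-}" = "run" ]; then
  load_and_verify && echo "key loaded and verified in agent"
  teardown
fi
```
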

License

View license information for the software contained in this image.

Docker Pull Command

docker pull nuodb/ssh-agent