DEV Community

Share .ssh/config with your devcontainer

The Problem

When running on macOS, you typically add UseKeychain yes to your SSH config file. This is a macOS-specific setting that saves and fetches the SSH-key passphrase automatically. However, it doesn't work on Linux and will actually cause an exception on load, rendering git usage directly from your devcontainer impossible.

macOS Setup

Your ~/.ssh folder probably looks something like this:

❯ tree .
├── config
├── hetzner_id_ed25519
├── hetzner_id_ed25519.pub
├── known_hosts
├── known_hosts.old
├── README.md
├── sukkerfrit.github
├── sukkerfrit.github.pub
└── test.sh

And the content of your config something like this:

Host tahh
    HostName github.com
    User git
    AddKeysToAgent yes
    IdentityFile ~/.ssh/sukkerfrit.github
    IdentitiesOnly yes
    ForwardAgent yes

Host hetzner-ktk-test
    HostName xx.xx.xx.xx
    User root
    AddKeysToAgent yes
    UseKeychain yes
    IdentityFile ~/.ssh/hetzner_id_ed25519

Solution: Share ~/.ssh/config with Devcontainers

1. Add host's ~/.ssh to Docker as mount

Mount your host's .ssh folder as read-only to /root/.sshtemplate. This way you don't end up editing your host's config.

devcontainer.json

{
    "name": "some-funkey-name",
    "dockerComposeFile": "docker-compose.yml",
    "service": "development",
    "workspaceFolder": "/xyz",
    "postCreateCommand": "./.devcontainer/post-container-install.sh",
    "mounts": [
        "source=${localEnv:HOME}/.ssh,target=/root/.sshtemplate,type=bind,readonly,consistency=cached"
    ],
}

Change the target if you work on a different user.

2. Copy from .sshtemplate -> .ssh

copy-ssh-files.sh

#!/usr/bin/env bash
set -u

if [ -d /root/.sshtemplate ] ; then
    cp -rf /root/.sshtemplate/. ~/.ssh/
    chmod 700 ~/.ssh
    chmod 600 ~/.ssh/* 2>/dev/null || true
fi

3. Remove lines with UseKeychain

remove-usekeychain-lines.sh

#!/usr/bin/env bash
set -u

# Remove UseKeychain (case-insensitive) from a config file if it exists
if [ -f "$1" ] ; then
    sed -i '/UseKeychain/I d' "$1"
    echo "UseKeychain removed from $1."
fi

4. Create post install file

post-container-install.sh

#!/usr/bin/env bash
...
"$SCRIPTS_DIR/copy-ssh-files.sh"
"$SCRIPTS_DIR/remove-usekeychain-lines.sh" ~/.ssh/config

Enjoy!

Read on DEV Community ↗ ← Back to News

Comments

No comments yet. Start the discussion.