Hello, is there a Github issue related to this problem ?
I have not found any.
Thanks
Share and learn in the Docker community.
Hello, is there a Github issue related to this problem ?
I have not found any.
Thanks
Hey @bclaridge
Have you managed to make it work? I use Docker for Mac (1.12.0-rc2-beta17 (build: 9779)) and tried many solutions but I always get the error: bind: Address already in use
docker run -it -v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK="$SSH_AUTH_SOCK" --rm ubuntu bash
root@2ef24e4b480d:/# echo $SSH_AUTH_SOCK
/private/tmp/com.apple.launchd.F1ULFbm6Mx/Listeners
root@2ef24e4b480d:/# ssh-add -l
Could not open a connection to your authentication agent.
root@2ef24e4b480d:/# eval $(`ssh-agent -a $SSH_AUTH_SOCK`)
bind: Address already in use
Thanks
+1 for this issue. Very annoying when you have encrypted private key.
Like you, I’m still waiting for a real solution. In the meantime I’m following this solution:
+1 for this issue - we have plenty of private gems in our bundler Gemfiles that we pull via ssh.
Do you think generic socket forwarding feature will be available in beta24?
Thank you
i found a quite simple way to forward agent:
run this in the container
socat UNIX-LISTEN:/var/run/agentBridge.sock,reuseaddr,fork TCP:192.168.65.1:12345
run this on the mac osx host
socat TCP-LISTEN:12345,reuseaddr,fork,bind=127.0.0.1 UNIX-CLIENT:$SSH_AUTH_SOCK
The drawback is that its listening on a public port 12345 which could be read by anybody, but its limited on the loopback device (and xhyve box)
I implemented a solution to this problem using docker-ssh-agent-forward for using ssh-agent at runtime and committing intermediary images for builds (yes, docker build). This should be more robust than using socat for concurrent builds (socat can only handle single connections unless you are using fork which complicates things further) and more secure. It works great on Docker for Mac and Linux alike.
I have posted complete solution with documentation, examples and base Dockerfile for node/npm here: https://github.com/iheartradio/docker-node
It can of course be extended to other development environments.
docker-ssh-agent-forward doesn’t seem to work with Docker for Mac on MacOS Sierra. Does anyone have another workaround?
We really need support for this to pull from private repos that require SSH authentication.
Any updates on this? Or new work-arounds?
Still waiting on this. It’s quite crippling to not have a solution.
+1 I’m waiting on this…
Lack of proper socket support prevents us from for using Docker in our environment. Any updates on this?
Any news on this? I’m blocked if i can’t share the agent.
Can we get a link to github issues or other issue tracker around this issue? Are there any other workarounds available? docker-ssh-agent-forward is extremely unwieldy.
There is an official solution https://docs.docker.com/docker-for-mac/osxfs/#ssh-agent-forwarding using magic path /run/host-services/ssh-auth.sock
.
That works for Dockerfile
and docker-compose
if a user is root
and with some adjustments in Dockerfile
for non-root.
When a user is non-root in the image and we use it in docker-compose
with a mounted socket in volume, as explained https://docs.docker.com/docker-for-mac/osxfs/#ssh-agent-forwarding
the issue is that socket is owned by root
and not accessible by the inner user from the image.
Any potential solution with chown
or chmod
didn’t work.
The idea is not to use root
when pulling private repos as dependencies in image build process and during development in docker-compose.yml
.
Any advice on how to proceed in this case?
Thanks!