1

I have setup a VS Code dev container and I can run and debug my code inside. My ~/.gitconfig from my host system was correctly copied into the container. However, my ssh credentials don't seem to work (or are not available), neither are my gnupg signing files (~/.gnupg) available.

Must I manually copy these files ( ~/.ssh and ~/.gnupg) into the container?

The documentation cautions:

There are some cases when you may be cloning your repository using SSH keys instead of a credential helper. To enable this scenario, the extension will automatically forward your local SSH agent if one is running.

The only stated requirement is the SSH-agent server running on my host system, which it is:

C:\Windows\system32> Get-Service ssh-agent

Status   Name               DisplayName
------   ----               -----------
Running  ssh-agent          OpenSSH Authentication Agent

What is the correct way to make my SSH credentials available to my dev container?

Daniel Stephens
  • 2,371
  • 8
  • 34
  • 86
  • 1
    Could you share your container config and any relevant settings in your `.gitconfig`? I'm having difficulty reproducing. – James Risner Mar 22 '23 at 22:22
  • Since it works on your machine, I gave it a try on another and it works there as well. I think I found the culprit, the `.ssh` folder was set to another path and hence the mounting of `.ssh` pointed to the wrong folder. Feel free to post your example `.devcontainer.json` and I staple my bounty to it. Don't want the points being lost, so better they serve someone who tried checking out this question. – Daniel Stephens Mar 23 '23 at 14:01
  • 1
    So I updated my answer this morning, I think maybe the issue is you have terminal.integrated.inheritEnv unchecked? See my answer. – James Risner Mar 24 '23 at 12:22
  • 1
    That was it, I overwrote it in my local project. – Daniel Stephens Mar 27 '23 at 03:48

2 Answers2

1

There are a couple prerequisites.

  1. You must have VS Code setting terminal.integrated.inheritEnv enabled.
  2. You must have your ssh-agent ran at login.

VS Code supports your ssh settings via doing two things:

  • Copying in known_hosts from your ~/.ssh/known_hosts.
  • Finding your ssh-agent socket created when you logged into the system.

For me on macOS, the ssh-agent creates a file in a random location, e.g.:

SSH_AUTH_SOCK=/tmp/vscode-ssh-auth-1a6abf46-1c35-41bf-aedd-e08135a38f5f.sock

My login scripts performs two commands, in this example I ran them on the command line:

% eval `ssh-agent`
Agent pid 15376

% ssh-add
Identity added: /Users/risner/.ssh/id_rsa (/Users/risner/.ssh/id_rsa)

For Windows, this answer should help in setting up the agent:
How to run ssh-add on windows?

Once created, all your containers should pick it up without specific settings. Here is a test .devcontainer.json file:

{
  "build": {
    "dockerfile": "Dockerfile",
    "args": { "VARIANT": "hirsute" }
  },
  "forwardPorts": [3000]
}

For a M1 Mac, the hirsute variant picks up the native arm64.

My test Dockerfile is rather generic:

FROM mcr.microsoft.com/devcontainers/javascript-node:0-18
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
    && apt-get -y install git

Once in the container, I verified the keys worked:

node ➜ /workspaces/MySSH (master) $ set|grep -i ssh
PWD=/workspaces/MySSH
REMOTE_CONTAINERS_SOCKETS='["/tmp/vscode-ssh-auth-1a6abf46-1c35-41bf-aedd-e08135a38f5f.sock","/tmp/.X11-unix/X0"]'
SSH_AUTH_SOCK=/tmp/vscode-ssh-auth-1a6abf46-1c35-41bf-aedd-e08135a38f5f.sock
node ➜ /workspaces/MySSH (master) $ ssh risner@my.example.com
Last login: Mon Mar  6 08:31:03 2023 from 172.59.80.11
James Risner
  • 5,451
  • 11
  • 25
  • 47
1

It is also possible to achieve this with the mount capability of the devcontainer.json configuration file:

    {
        "name": "container name",
        ...
        "remoteUser": "root",  
        "mounts": [
            "source=${localEnv:HOME}/.ssh,target=/root/.ssh,type=bind,consistency=cached",
        ]
       ...
    }
Kanekotic
  • 2,824
  • 3
  • 21
  • 35