cmk_ssh_key' are too open for a key inside a container provided by docker secrets?

Asked Jan 30 '23 at 12:35

Active Jan 30 '23 at 12:43

Viewed 122 times

https://github.com/docker/compose/issues/9648

This bug of docker compose hinders me to set mode: 600 for a private ssh key mounted inside a container. I would like to run ssh -i /run/secrets/cmk_ssh_key inside the docker container to connect to a host manually. This is not working, because this shows up:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/run/secrets/cmk_ssh_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/run/secrets/cmk_ssh_key": bad permissions

I expect to connect to the host successfully using the private key. The non-interactive SSH Service checks, executed by CheckMK, do work using this ssh key. So I guess it IS possible to circumvent this. Maybe a non-interactive mode?

edited Jan 30 '23 at 12:43

asked Jan 30 '23 at 12:35

peterge

Can I circumvent Permissions 0644 for '/run/secrets/cmk_ssh_key' are too open for a key inside a container provided by docker secrets?

0 Answers0