docker-ssh-tunnel

Allow use of ssh-agent instead of mounting SSH key

Open dw-ec opened this issue 2 years ago • 2 comments

Mounting an SSH key into the docker-ssh-tunnel container requires either that it be unprotected by a passphrase or that the passphrase be stored in the container config. This is insecure.

As an alternative, this change allows the user to forward their ssh key agent SSH_AUTH_SOCK into the container. When this environment variable is defined, the ssh command in run.sh will not attempt to use a private key file, but instead will use the default behaviour of looking for an agent socket at the path ${SSH_AUTH_SOCK}.

Successfully tested on Docker Desktop for Mac.

dw-ec avatar Jun 07 '23 15:06 dw-ec
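The selection logic described in the post above, sketched as an added example (this is not the project's run.sh or code from the PR). The function name `ssh_auth_opts`, the `KEY_FILE` variable and its default path are hypothetical. The explicit socket test is an addition that catches a bad bind mount, since `docker run -v` creates a directory when the host path does not exist.

```shell
#!/bin/sh
# Added example: choose ssh authentication options for a tunnel container.
# Hypothetical names: ssh_auth_opts, KEY_FILE (path of a mounted private key).
# Prints the options on stdout; returns non-zero if neither source is usable.
ssh_auth_opts() {
    key_file="${KEY_FILE:-/root/.ssh/id_rsa}"   # assumed default, not the project's

    if [ -n "${SSH_AUTH_SOCK:-}" ]; then
        # Agent mode: the private key never enters the container.
        # A mistyped host path in `docker run -v` yields a directory here,
        # so fail loudly instead of falling back to a key file.
        if [ ! -S "$SSH_AUTH_SOCK" ]; then
            echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK is not a socket" >&2
            return 1
        fi
        # IdentityAgent pins ssh to the forwarded socket explicitly.
        printf '%s\n' "-o IdentityAgent=$SSH_AUTH_SOCK"
        return 0
    fi

    # Key-file mode: the key must be readable and, as the post notes,
    # usable without a passphrase prompt.
    if [ ! -r "$key_file" ]; then
        echo "no agent socket and no readable key at $key_file" >&2
        return 2
    fi
    # IdentitiesOnly stops ssh from offering any other identities.
    printf '%s\n' "-i $key_file -o IdentitiesOnly=yes"
}
```

A caller would splice the printed options into its ssh command line and abort on a non-zero return.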

I've cleaned up the PR to make the change as minimal as possible while providing useful command options to the README.md.

dw-ec avatar Jun 27 '23 14:06 dw-ec

I've updated the example in the docs to use the user's ${SSH_AUTH_SOCK} env var instead of hard-coding the path.

This works in WSL (Ubuntu:22.04 with docker integration enabled) as well as on a Mac, so it's more cross-platform now.

dw-ec avatar Jul 31 '23 16:07 dw-ec