Using ssh-agent with docker on macOS

不思量自难忘° 2021-02-02 10:18

I would like to use ssh-agent to forward my keys into the docker image and pull from a private github repo.

I am using a slightly modified version of https://github.com/

8 answers
  • 2021-02-02 10:49

    I expanded on @wilwilson's answer, and created a script that will set up agent forwarding in an OSX boot2docker environment.

    https://gist.github.com/rcoup/53e8dee9f5ea27a51855

    #!/bin/bash

    # Use a unique ssh control socket name per invocation of this script
    SSH_SOCK=boot2docker.$$.ssh.socket

    # ssh into boot2docker with agent forwarding (-A), as a backgrounded
    # control master (-M -S) that the later ssh commands reuse; host key
    # checking is turned off for this connection to localhost:2022
    ssh -i ~/.ssh/id_boot2docker \
        -o StrictHostKeyChecking=no \
        -o IdentitiesOnly=yes \
        -o UserKnownHostsFile=/dev/null \
        -o LogLevel=quiet \
        -p 2022 docker@localhost \
        -A -M -S "$SSH_SOCK" -f -n \
        tail -f /dev/null

    # get the agent socket path from the boot2docker vm
    B2D_AGENT_SOCK=$(ssh -S "$SSH_SOCK" docker@localhost echo \$SSH_AUTH_SOCK)

    # mount the socket (from the boot2docker vm) onto the docker container
    # and set the ssh agent environment variable so ssh tools pick it up
    docker run \
        -v "$B2D_AGENT_SOCK":/ssh-agent \
        -e "SSH_AUTH_SOCK=/ssh-agent" \
        "$@"

    # we're done; close the master connection, which ends the forwarded
    # agent in the boot2docker vm
    ssh -S "$SSH_SOCK" -O exit docker@localhost
    

    Stick it in ~/bin/docker-run-ssh, chmod +x it, and use docker-run-ssh instead of docker run.

    0 Discussion (0)
  • 2021-02-02 10:52

    By default, boot2docker shares only files under /Users. SSH_AUTH_SOCK is probably under /tmp, so the -v mounts the agent of the VM, not the one from your Mac.

    If you set up your VirtualBox to share /tmp, it should be working.

    0 Discussion (0)
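The point of the second answer as a preflight check, added here as an example that is not code from either answer: before passing `-v "$SSH_AUTH_SOCK":/ssh-agent`, decide whether the socket path sits under a folder shared into the VM. The function names and the `SHARED_ROOTS` variable are hypothetical; the `/Users` default is taken from the answer above.

```shell
#!/bin/bash
# Added example, not from the answers: preflight for
#   docker run -v "$SSH_AUTH_SOCK":/ssh-agent ...
# Assumption: SHARED_ROOTS lists the host folders shared into the VM
# (/Users by default, per the answer above); entries must not contain spaces.
SHARED_ROOTS="${SHARED_ROOTS:-/Users}"

# Lexically normalise an absolute path: collapse "//", drop ".", apply "..".
# Symlinks are not resolved.
normalize_path() {
    local IFS=/ part out=""
    set -f                      # no globbing while splitting on "/"
    for part in $1; do
        case "$part" in
            ""|.) ;;
            ..)   out="${out%/*}" ;;
            *)    out="$out/$part" ;;
        esac
    done
    set +f
    printf '%s\n' "${out:-/}"
}

# Print "shared" (exit 0) if the socket path lies under a shared root,
# otherwise "vm-local" (exit 1): the -v source would then be looked up
# inside the VM, not on the Mac.
classify_agent_sock() {
    local sock root
    sock=$(normalize_path "$1")
    for root in $SHARED_ROOTS; do
        root=$(normalize_path "$root")
        case "$sock" in
            "$root"/*) echo shared; return 0 ;;
        esac
    done
    echo vm-local
    return 1
}

# Report on the current agent socket, if one is set.
if [ -n "${SSH_AUTH_SOCK:-}" ]; then
    where=$(classify_agent_sock "$SSH_AUTH_SOCK") || true
    echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK -> $where"
fi
```

A `vm-local` result means the mount will not reach the Mac's agent; forwarding the agent into the VM over ssh, as the first answer's script does, avoids the dependency on shared folders.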