New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forwarded SSH Agent does not appear in container #2072
Comments
Also experiencing this issue. Does work with the latest 'normal' nerdctl version, not with the rancher version |
I'm not sure a doc entry will fix this issue if that is what you meant by referencing this @jandubois. I think there are some changes that can be done to pass through the ssh_auth_sock from the lima VM to the containers being run. Let me know if you need more details, happy to provide anything helpful |
We have also ran into this issue it would be very appreciated if it was handled for us. Or at least a better way to get the auth sock location. |
Still the issue |
It should be resolved with the latest version. Use the same hard coded path as Docker. |
@ryancurrah Do you mean the same should work with |
Yeah 1.8.0 as long as the latest version of Lima was bundled with Rancher. |
@ryancurrah Thanks, will try it soon and give feedback |
You will still need a ssh:
forwardAgent: true We didn't want to enable it by default without providing an opt-out mechanism for the user. We need to create a proper Preferences setting for it. |
I tried
My override config is as follows:
|
It works only if I specify
Should it work with |
I guess we all think it should, but it doesn't because But you should be able to use the well-known address that @ryancurrah was alluding to: $ rdctl shell ls -l /run/host-services/ssh-auth.sock
lrwxrwxrwx 1 jan root 30 Mar 17 21:08 /run/host-services/ssh-auth.sock -> /tmp/ssh-XXXXoDDcJa/agent.2887 |
Actual Behavior
If you enable agent forwarding for lima-vm, the
SSH_AUTH_SOCK
does not get passed thru to your containers run withnerdctl
Steps to Reproduce
Edit
$HOME/Application Support/rancher-desktop/lima/override.yaml
to contain the following:Run any container with
nerdctl run
and see thatSSH_AUTH_SOCK
environment variable is not set.Result
The environment variable is unset.
Expected Behavior
I expect if agent forwarding is enabled that it will show up inside the container. If that is not a great default, then an option to pass to nerdctl that does this would be great.
Additional Information
I was working around this issue with this command:
and then running my container with
-v $ssh_auth_sock:$ssh_auth_sock --env=SSH_AUTH_SOCK=$ssh_auth_sock
Rancher Desktop Version
1.2.1
Rancher Desktop K8s Version
I have this disabled but set to 1.22.7 (stable)
Which container runtime are you using?
containerd (nerdctl)
What operating system are you using?
macOS
Operating System / Build Version
macOS Monterey Version 12.3.1
What CPU architecture are you using?
x64
Linux only: what package format did you use to install Rancher Desktop?
N/A
Windows User Only
No response
The text was updated successfully, but these errors were encountered: