SSH key injection for Docker Machine with Docker Compose

Table of contents
  1. Introduction
  2. Prerequisites
  3. Step 1: Create a Docker Compose file
  4. Step 2: Start the Docker Compose services
  5. Step 3: Inject the SSH key into the Docker Machine host
  6. Step 4: Test the SSH connection
  7. Conclusion

Introduction

Docker Machine is a powerful tool that allows you to create and manage Docker hosts on your local machine or in the cloud. One of the main advantages of using Docker Machine is the ability to easily switch between different Docker environments. However, managing multiple Docker hosts can become cumbersome, especially when it comes to securely accessing them via SSH. Docker Compose is another powerful tool that allows you to define and run multi-container Docker applications. In this article, we will explore how to use Docker Compose to inject SSH keys into Docker Machine hosts, making it easier to securely access them.

Prerequisites

Before we begin, make sure that you have the following prerequisites:

  • Docker Machine installed
  • Docker Compose installed
  • An existing Docker Machine host
  • Your SSH public key

Step 1: Create a Docker Compose file

The first step is to create a Docker Compose file that defines the services we want to run. In this case, we will be running a simple SSH service that will inject our SSH keys into the Docker Machine host.


```yaml
version: '3'
services:
  ssh-agent:
    image: evalphobia/ssh-agent
    environment:
      - SSH_AUTH_SOCK=/ssh-agent
      - SSH_PRIVATE_KEY=path/to/your/ssh/private/key
    volumes:
      - "ssh-agent:/ssh-agent"
    restart: always
volumes:
  ssh-agent:
```

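In the above example, we define a single service called `ssh-agent` which is based on the `evalphobia/ssh-agent` image. We set the `SSH_AUTH_SOCK` environment variable to `/ssh-agent` and `SSH_PRIVATE_KEY` to the path of our SSH private key. We also define a volume called `ssh-agent` that maps to `/ssh-agent` in the container. Keep `SSH_PRIVATE_KEY` a path and never the key material itself: container environment variables are readable by anyone who can run `docker inspect` on the container.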

Step 2: Start the Docker Compose services

Now that we have defined our Docker Compose file, we can start the `ssh-agent` service by running the following command:


```sh
docker-compose up -d
```

This will start the `ssh-agent` service in the background. If everything is configured correctly, you should see a message indicating that the service is running.

Step 3: Inject the SSH key into the Docker Machine host

With the `ssh-agent` service running, we can now inject our SSH key into the Docker Machine host. To do this, we use the `docker-machine ssh` command to establish an SSH connection with the Docker Machine host and run the necessary commands to inject the SSH key.


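```sh
docker-machine ssh machine-name "mkdir -p ~/.ssh && chmod 700 ~/.ssh && { [ -f ~/.ssh/id_rsa ] || ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa; } && cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys && ssh-add"
```

In the above example, replace `machine-name` with the name of your Docker Machine host. This command creates a new SSH key pair on the host unless `~/.ssh/id_rsa` already exists, adds the public key to the `authorized_keys` file, sets the correct permissions on the `~/.ssh` directory and the `authorized_keys` file, and adds the private key to the SSH agent. `-N ''` creates the key without a passphrase so that `ssh-keygen` does not stop to prompt, which leaves the private key unencrypted on the host's disk, and `ssh-add` only succeeds if an agent is reachable in that session (`SSH_AUTH_SOCK` set).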

Step 4: Test the SSH connection

Finally, we can test the SSH connection to the Docker Machine host by running the following command:


```sh
ssh docker@machine-ip
```

In the above example, replace `docker@machine-ip` with the username and IP address of your Docker Machine host. If everything is configured correctly, you should be able to establish an SSH connection without being prompted for a password.
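The command in Step 3 authorizes a key pair generated on the host itself; to log in from your workstation with the public key listed in the prerequisites, that key has to be in the host's `authorized_keys`. The script below is an added example, not part of the original article: it checks that a file holds exactly one public key (never a private key) and appends it idempotently. The function names and the key path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# Print "<type> <base64>" for a file holding exactly one OpenSSH public key.
# The free-form comment field is dropped, so the output contains only
# characters that are safe inside single quotes in the remote command.
pubkey_fields() {
    [ -r "$1" ] || return 1
    # Refuse private keys and multi-key files outright.
    if grep -q 'PRIVATE KEY' "$1"; then return 1; fi
    [ "$(grep -c . "$1")" -eq 1 ] || return 1
    grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' "$1" |
        awk '{ print $1 " " $2 }' | grep .
}

# Build the command to run on the host: ~/.ssh gets mode 700, authorized_keys
# gets mode 600, and the key is appended only if it is not already listed.
build_authorize_cmd() {
    key=$(pubkey_fields "$1") || return 1
    ak='~/.ssh/authorized_keys'   # literal ~: expanded by the shell on the host
    printf '%s' "umask 077; mkdir -p ~/.ssh && chmod 700 ~/.ssh && touch $ak && chmod 600 $ak && { grep -qF -- '$key' $ak || printf '%s\\n' '$key' >> $ak; }"
}

# Authorize a workstation public key on a Docker Machine host.
authorize_on_machine() {
    cmd=$(build_authorize_cmd "$2") || {
        echo "refusing: $2 is not a single public key" >&2
        return 1
    }
    docker-machine ssh "$1" "$cmd"
}

# Usage: authorize_on_machine machine-name ~/.ssh/id_ed25519.pub
```

Running it twice leaves a single entry in `authorized_keys`, and passing the private key file by mistake is rejected before anything is sent to the host.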

Conclusion

In this article, we explored how to use Docker Compose to inject SSH keys into Docker Machine hosts, making it easier to securely access them. By following the steps outlined in this article, you should now be able to easily manage multiple Docker Machine hosts and securely access them via SSH.
