You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue summary
Upon building and starting new containers, ssh keys from the host located in ~/.ssh correctly get mounted under /user/.ssh however they are not configured in the container's ssh_config file by the script: load-keys.sh.
-> This means that ssh will by default look for keys under the wrong location.
Apparent cause
After some debugging I noticed that load-keys.sh expect to be run by the root user and only load keys owned by $LANDO_WEBROOT_USER, which by default is user.
However, mounted keys automatically get assigned ownership of the current user. This can be reproduced by running ls -la /user/.ssh as both user and root.
Example:
Result as root:
-rw------- 1 root root 1831 Aug 12 00:28 id_rsa
-rw-r--r-- 1 root root 405 Aug 12 00:28 id_rsa.pub
Result as user:
-rw------- 1 user dialout 1831 Aug 12 00:28 id_rsa
-rw-r--r-- 1 user dialout 405 Aug 12 00:28 id_rsa.pub
Also noting a quick workaround for whoever is stuck on this until it gets fixed, list the key you want configured in your lando file under keys, for example:
Your workaround above didn't work for me unfortunately. I noticed you're using orbstack, and I'm using colima. I tested with Docker Desktop and then the keys workaround did work (I have an id_ed25519 and only that one was added).
However, the permissions and user mappings are the same in docker desktop as orb, so I'm not fully sure what's going on here:
Issue summary
Upon building and starting new containers, ssh keys from the host located in ~/.ssh correctly get mounted under /user/.ssh however they are not configured in the container's ssh_config file by the script: load-keys.sh.
-> This means that ssh will by default look for keys under the wrong location.
Apparent cause
After some debugging I noticed that load-keys.sh expect to be run by the
root
user and only load keys owned by $LANDO_WEBROOT_USER, which by default isuser
.However, mounted keys automatically get assigned ownership of the current user. This can be reproduced by running
ls -la /user/.ssh
as both user and root.Example:
Result as
root
:Result as
user
:Fix suggestion
Replace the following line with
readarray -t RAW_LIST < <(find "$SSH_DIR" -maxdepth 1 -not -name '*.pub' -not -name 'known_hosts' -type f)
to prevent a user check which seems pointless since the SSH_CANDIDATE will be assigned correct permissions and ownership further down the same script.Happy to make a PR if that helps.
Current config for reference:
Project specific config:
Container:
Alpine Linux v3.18
The text was updated successfully, but these errors were encountered: