I'd like to set up SSH with my Laradock workspace container so I can deploy to git.
Inside the workspace folder, there are keypairs insecure_id_rsa and insecure_id_rsa.pub.
Obviously I don't want to use what comes in the repository, but there are no instructions beyond connecting inside the workspace.
Am I supposed to generate my own keys and have them in my workspace folder?
in the DockerFile:
###########################################################################
# ssh:
###########################################################################
ARG INSTALL_WORKSPACE_SSH=false
COPY insecure_id_rsa /tmp/id_rsa
COPY insecure_id_rsa.pub /tmp/id_rsa.pub
RUN if [ ${INSTALL_WORKSPACE_SSH} = true ]; then \
rm -f /etc/service/sshd/down && \
cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys \
&& cat /tmp/id_rsa.pub >> /root/.ssh/id_rsa.pub \
&& cat /tmp/id_rsa >> /root/.ssh/id_rsa \
&& rm -f /tmp/id_rsa* \
&& chmod 644 /root/.ssh/authorized_keys /root/.ssh/id_rsa.pub \
&& chmod 400 /root/.ssh/id_rsa \
&& cp -rf /root/.ssh /home/laradock \
&& chown -R laradock:laradock /home/laradock/.ssh \
;fi
How do I set up a secure SSH connection to Laradock to use on Github?
I can connect in my workspace doing ssh root@localhost. I just don't understand what's required to have my own keys inside the container and how to do it securely.
Should I make a new key with putty and replace the insecure keys?
Edit: so i can run ssh-keygen on my container and get new keypairs. I can deploy on github fine with them.
But of course, when my docker restarts, these files are no longer there and get overwritten by the config above.
So is it safe to put my actual keys in a laradock folder?
Edit: I ended up copying what ssh-keygen generated in the .ssh folder and pasting into the files that get copied over when my containers run. this of course works fine, but I'm just not sure this is the best way to go about things. especially if you want to keep the repo up to date with what laradock is doing
Can you copy the generated ssh keys to the laradock folder (and rename them to insecure_id_rsa and insecure_id_rsa.pub) then laradock will copy them across each time?
Or set INSTALL_WORKSPACE_SSH=false after it is set up so it doesn't overwrite the keys?