Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Forwarding MSYS SSH agent socket is not supported

See original GitHub issue

Actual Behavior

nerdctl build --ssh default on Windows 11 is not able to look at SSH_AUTH_SOCK to locate ssh-agent, nor is it able to access the socket if I specify it manually.

Steps to Reproduce

On Windows 11, starting ssh-agent, then

nerdctl build --ssh default

Result

Error message about SSH_AUTH_SOCK not set

Expected Behavior

Make ssh-agent available to image build process.

Additional Information

The purpose is to check out a git repository during build that is protected by a ssh deploy key. I first asked a question here, but got pointed in this direction.

Rancher Desktop Version

1.0.1

Rancher Desktop K8s Version

1.23.3

Which container runtime are you using?

containerd (nerdctl)

What operating system are you using?

Windows

Operating System / Build Version

Windows 11 Pro 21H2, 22000.493

What CPU architecture are you using?

x64

Linux only: what package format did you use to install Rancher Desktop?

No response

Windows User Only

No response

Issue Analytics

State:
Created 2 years ago
Comments:5 (3 by maintainers)

Top GitHub Comments

1reaction

mook-ascommented, Feb 25, 2022

Oh, well, in that case I don’t think there’s much we can do: that’s a path for the git bundled msys2 distribution. (Which actually mounts %TEMP%, i.e. C:\Users\<>\App\Local\Temp, into /tmp). That set of emulated Unix mounts is completely unrelated to the WSL paths, and even if we did try to map it, it wouldn’t be recognized as a Unix socket inside WSL (so the ssh agent wouldn’t work).

It looks like Stack Overflow has a description of the msys Unix socket emulation format. That’s totally not doable in our case, I believe.

So I think that:

there’s nothing we can do here (because we can’t fake the msys socket in any way); so I’ll close this issue.
I filed https://github.com/rancher-sandbox/rancher-desktop/issues/1667 to handle the Windows-native ssh agent (that is, the Win32 service talking to \Device\NamedPipe\openssh-ssh-agent). However, ① this isn’t what you’re reporting, and ② we probably wouldn’t implement this any time soon.

0reactions

ahjulstadcommented, Feb 25, 2022

I am confusing myself, sorry. The environment variable is indeed in windows, and appears when running ‘start-ssh-agent’, which comes from git (I have it in C:\Program Files\Git\cmd\start-ssh-agent.cmd), whereas the windows 11 openssh install is in C:\Windows\System32\OpenSSH\ssh.exe

Looks like I am not the first struggling with this: https://github.com/docker/for-win/issues/167

The information contained in this message may be CONFIDENTIAL and is intended for the addressee only. Any unauthorized use, dissemination of the information or copying of this message is prohibited. If you are not the addressee, please notify the sender immediately by return e-mail and delete this message. Thank you