Hello everyone
I’m trying to control Kodi with Gladys via Node-RED over SSH.
For this I created an SSH key on Gladys’s Raspberry Pi and this key is located at
/home/pi/.ssh/id_rsa
However Node-RED cannot access this file.
On the web I found this
- Item
The following contrived example shows how a private key on the host machine can be read from a container.
docker run -it --rm -v ~/.ssh/id_rsa:/root/.ssh/id_rsa:ro ubuntu cat /root/.ssh/id_rsaThis should allow a process running as root to authenticate with your credentials.
- Item
A cross-platform solution is to use a bind mount to share the host’s .ssh folder with the container:
docker run -v /home/<host user>/.ssh:/home/<docker user>/.ssh <image>Similar to agent forwarding, this approach will make the public keys available to the container. An additional benefit is that it also works with a non-root user and will allow you to connect to GitHub. One caveat to consider, however, is that all contents (including private keys) of the .ssh directory will be shared. This approach is therefore only desirable for development and only for trusted container images.
In the first example I don’t really see what to replace « ro ubuntu » with — maybe the Node-RED Docker image — and I don’t understand what « ro » means
Which would give
docker run -it --rm -v ~/.ssh/id_rsa:/root/.ssh/id_rsa:ro nodered/node-red cat /root/.ssh/id_rsa
For example 2
I think you should replace
<host user> with « pi » on the Raspberry
<docker user> with « admin » entry specified in /var/lib/node-red/settings.js
<image> with « nodered/node-red »
Which would give
docker run -v /home/pi/.ssh:/home/admin/.ssh nodered/node-red
And following Pierre-Gilles’ code this would be
docker run -d \
--log-opt max-size=10m \
--restart=always \
--privileged \
-u root \
--network=host \
--name node_red \
-v /var/lib/node-red:/data \
-v /home/pi/.ssh:/home/admin/.ssh \
nodered/node-red
I would like to know what you think of this before I go ahead with the changes.
Thank you.