ssh keys – How do I run a Docker container as a non-root user and still be able to use ssh?


Stackoverflow told me to post this here…

I created a CentOS 7 based docker container (using Dockerfile) that contains everything I need to perform my tasks (git clone ssh://… and make). The results are written to a shared volume (the shared volume is the checked out source code so they are there by default) so they will be available to the host. I was only able to accomplish this by making sure the container user’s uid and gid match the host user’s uid and gid (e.g. both are myuser 1000:1000). If the uid and gid don’t match I get permission errors writing to the shared volume. The container has a .ssh folder that holds the user’s private key.

I’ve been tasked to eliminate the necessity to have the 2 users match. I added --user $(id -u):$(id -g) to the docker run command line and I can write to the shared volume fine but this breaks the ability to access our git repository assuming there is no longer any ssh key association (getting >> Please make sure you have the correct access rights…).

How can I have a container that doesn’t have a dependence on matching users, I can fully write to a shared volume and also have it retrieve my source code via ssh?
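
An added diagnostic, not part of the original post: OpenSSH locates ~/.ssh through the passwd entry of the running uid (it does not use $HOME), exits if that uid has no entry, and rejects a private key owned by that uid with group/other permission bits set. The function name, arguments, default key name and message strings are hypothetical; run it inside the container with the uid passed to --user.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the post).
# ssh_key_diagnose UID PASSWD_FILE [KEY_NAME]
# Prints the first problem found for that uid, or "ok: <key path>".
ssh_key_diagnose() {
    uid=$1; passwd_file=$2; key_name=${3:-id_rsa}   # id_rsa is an assumed default

    # passwd fields: name:pw:uid:gid:gecos:home:shell -> uid is $3, home is $6.
    home=$(awk -F: -v u="$uid" '$3 == u { print $6; exit }' "$passwd_file")
    if [ -z "$home" ]; then
        # ssh exits here with "No user exists for uid N".
        echo "no-passwd-entry: uid $uid is not in $passwd_file"
        return 1
    fi

    key="$home/.ssh/$key_name"
    if [ ! -f "$key" ]; then
        echo "no-key: $key does not exist"
        return 1
    fi

    # `ls -ln` prints the mode string first and the numeric owner third.
    set -- $(ls -ln "$key")
    mode=$1; owner=$3
    if [ "$owner" != "$uid" ]; then
        echo "foreign-owner: $key belongs to uid $owner; uid $uid can read it only via group/other bits"
        return 1
    fi
    # Keys owned by the running uid must have no group/other bits (mode & 077 == 0).
    case $mode in
        -r??------*) ;;
        *) echo "loose-mode: $key has mode $mode"; return 1 ;;
    esac
    echo "ok: $key"
}
```

Inside the container this would be called as `ssh_key_diagnose "$(id -u)" /etc/passwd`.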