Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forwarding WSL2 ssh-agent into DevContainer is not working. #3902

Closed
mattcrn opened this issue Oct 26, 2020 · 26 comments
Closed

Forwarding WSL2 ssh-agent into DevContainer is not working. #3902

mattcrn opened this issue Oct 26, 2020 · 26 comments
Assignees
@Chuxel
Labels
containers Issue in vscode-remote containers doc

Comments

@mattcrn
Copy link

mattcrn commented Oct 26, 2020

  • VSCode Version: 1.50.1
  • Local OS Version: Windows 10 2004 / Ubuntu 20.04.1 LTS WSL2
  • Remote OS Version: Any Container
  • Remote Extension/Connection Type: Docker

Steps to Reproduce:

  1. Set up WSL2 with Ubuntu
  2. Add the following to your .bash_profile
if [ -z "$SSH_AUTH_SOCK" ]; then
   # Check for a currently running instance of the agent
   RUNNING_AGENT="`ps -ax | grep 'ssh-agent -s' | grep -v grep | wc -l | tr -d '[:space:]'`"
   if [ "$RUNNING_AGENT" = "0" ]; then
        # Launch a new instance of the agent
        ssh-agent -s &> .ssh/ssh-agent
   fi
   eval `cat .ssh/ssh-agent`
fi
  1. add your ssh-key to the agent
  2. create a new folder and open it with code within wsl2
  3. creat dev container configuration files (I used Debian with git)
  4. reopen folder in dev container
  5. type ssh-agent -l
    get this error: Could not open a connection to your authentication agent.
  6. type echo $SSH_AUTH_SOCK
    get empty line

Now for something else I tried:

  1. add to top of you bashrc in wsl2 : export SSH_AUTH_SOCK=test
  2. rebuild your dev container
    Now $SSH_AUTH_SOCK has something like
    /tmp/vscode-ssh-auth-22aa630c3293905f2a753276fd8cf09320ce8d58.sock
    but ssh-agent -l gives
    error fetching identities: communication with agent failed

If I expoort socket and SSH_AUTH_SOCK via docker-compose file, everything works but I cannot get it to work with vscode.
@github-actions github-actions bot added the containers Issue in vscode-remote containers label Oct 26, 2020
@chrmarti
Copy link
Contributor

Could you attach the Dev Container log (F1 > Remote-Containers: Show Log)?

@chrmarti chrmarti self-assigned this Oct 27, 2020
@chrmarti chrmarti added the info-needed Issue requires more information from poster label Oct 27, 2020
@mattcrn
Copy link
Author

mattcrn commented Oct 27, 2020
edited
Loading

With setting SSH_AUTH_SOCK in .bashrc

[29 ms] Remote-Containers 0.145.1 in VS Code 1.50.1 (d2e414d9e4239a252d1ab117bd7067f125afd80a).
[89 ms] Start: Resolving remote
[98 ms] Start: Run: wsl -d Ubuntu -e wslpath -u \\wsl$\Ubuntu\home\matt\projects\test
[368 ms] Start: Run: wsl -d Ubuntu
[631 ms] Setting up container for folder or workspace: /home/matt/projects/test

[634 ms] Start: Check Docker is running
[634 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'info'
[2426 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && test '-f' '/home/matt/projects/test/.devcontainer/devcontainer.json'
[2668 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/devcontainer.json'
[2920 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && git 'rev-parse' '--show-toplevel'
[3159 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'ps' '-q' '-a' '--filter' 'label=vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--filter' 'label=vsch.quality=stable'
[4065 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/Dockerfile'
[4302 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'build' '-f' '/home/matt/projects/test/.devcontainer/Dockerfile' '-t' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87' '--build-arg' 'VARIANT=buster' '/home/matt/projects/test/.devcontainer'
Sending build context to Docker daemon  4.096kB
Step 1/2 : ARG VARIANT="buster"
Step 2/2 : FROM mcr.microsoft.com/vscode/devcontainers/base:0-${VARIANT}
 ---> ad7a786dc343
Successfully built ad7a786dc343
Successfully tagged vsc-test-91925a5824d3e1df11255e3fbeae1a87:latest
[6071 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'image' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87'
[7075 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker '-v'
[8086 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'events' '--format' '{{json .}}' '--filter' 'status=start'
[8099 ms] Start: Starting container
[8099 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'run' '-a' 'STDOUT' '-a' 'STDERR' '--mount' 'type=bind,source=/home/matt/projects/test,target=/workspaces/test' '-l' 'vsch.quality=stable' '-l' 'vsch.remote.devPort=0' '-l' 'vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--entrypoint' '/bin/sh' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87' '-c' 'echo Container started ; trap "exit 0" 15; while sleep 1 & wait $!; do :; done'
Container started
[10776 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'ps' '-q' '-a' '--filter' 'label=vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--filter' 'label=vsch.quality=stable'
[11833 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'container' 'e1a14f10b2f1'
[12959 ms] Start: Inspecting container
[12959 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'container' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3'
[14041 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=7f563296-b044-4b7b-962b-fd83edb761ab1603790309602' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/bin/sh'
[14053 ms] Start: Run in container: uname -m
[15011 ms] x86_64
[15012 ms] 
[15012 ms] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[15016 ms] PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[15017 ms] 
[15017 ms] Start: Run in container: cat /etc/passwd
[15023 ms] Start: Updating configuration state
[15024 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/Dockerfile'
[15223 ms] Start: Setup shutdown monitor
[15231 ms] Forking shutdown monitor: c:\Users\matthias.frank\.vscode\extensions\ms-vscode-remote.remote-containers-0.145.1\dist\shutdownMonitorProcess \\.\pipe\vscode-remote-containers-ef253896f3760940d8a0779d2c7c25a27f5f2d1a-sock singleContainer Info c:\Users\matthias.frank\AppData\Roaming\Code\logs\20201027T091137\exthost1\ms-vscode-remote.remote-containers 1603790311309
[15248 ms] Start: Run in container: test -d /root/.vscode-server
[15252 ms] 
[15253 ms] 
[15253 ms] Exit code 1
[15253 ms] Start: Run in container: test -d /root/.vscode-remote
[15258 ms] 
[15258 ms] 
[15258 ms] Exit code 1
[15259 ms] Start: Run in container: set -o noclobber ; mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[15266 ms] 
[15266 ms] 
[15267 ms] Start: Run in container: mkdir -p '/root/.vscode-server/data/Machine' && cat >'/root/.vscode-server/data/Machine/settings.json' <<'settingsJSON'
[15275 ms] 
[15275 ms] 
[15276 ms] Start: Run in container: test -d /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a
[15280 ms] 
[15280 ms] 
[15280 ms] Exit code 1
[15280 ms] Installing VS Code Server for commit d2e414d9e4239a252d1ab117bd7067f125afd80a
[15280 ms] Start: Run in container: mkdir -p /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790326589
[15287 ms] 
[15288 ms] 
[15433 ms] Start: Run in container: (dd iflag=fullblock bs=8192 count=3928 2>/dev/null; dd iflag=fullblock bs=1759 count=1 2>/dev/null) | tar --no-same-owner -xz --strip-components 1 -C /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790326589
[17400 ms] 
[17401 ms] 
[17401 ms] Start: Run in container: mv -n /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790326589 /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a
[17407 ms] 
[17407 ms] 
[17407 ms] Start: Launching Remote-Containers helper.
[17409 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpgconf '--list-dir' 'agent-extra-socket'
[17688 ms] Start: Run in container: gpgconf --list-dir agent-socket
[17698 ms] /root/.gnupg/S.gpg-agent
[17698 ms] 
[17698 ms] Start: Run in container: gpgconf --list-dir homedir
[17703 ms] /root/.gnupg
[17704 ms] 
[17704 ms] Start: Run in container: ls '/root/.gnupg/private-keys-v1.d' 2>/dev/null
[17713 ms] 
[17713 ms] 
[17713 ms] Exit code 2
[17713 ms] Start: Run in container: mkdir -p -m 700 '/root/.gnupg'
[17716 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gitconfig'
[17720 ms] 
[17720 ms] 
[17720 ms] Start: Run in container: cat <<'EOF-/tmp/vscode-remote-containers-be67d243512592d9d465b82bbb0bffb774ca3dd8.js' >/tmp/vscode-remote-containers-be67d243512592d9d465b82bbb0bffb774ca3dd8.js
[17721 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpgconf '--list-dir' 'homedir'
[17730 ms] 
[17730 ms] 
[17730 ms] Start: Run in container: cat <<'EOF-/tmp/vscode-remote-containers-server-be67d243512592d9d465b82bbb0bffb774ca3dd8.js' >/tmp/vscode-remote-containers-server-be67d243512592d9d465b82bbb0bffb774ca3dd8.js
[17741 ms] 
[17742 ms] 
[17742 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'REMOTE_CONTAINERS_SOCKETS=["/tmp/vscode-ssh-auth-be67d243512592d9d465b82bbb0bffb774ca3dd8.sock","/root/.gnupg/S.gpg-agent"]' '-e' 'REMOTE_CONTAINERS_IPC=/tmp/vscode-remote-containers-ipc-be67d243512592d9d465b82bbb0bffb774ca3dd8.sock' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '/tmp/vscode-remote-containers-server-be67d243512592d9d465b82bbb0bffb774ca3dd8.js'
[17984 ms] Start: Run in container: # Test for /root/.gitconfig and git
[17991 ms] 
[17991 ms] 
[17991 ms] Start: Run in container: # Copy /home/matt/.gitconfig to /root/.gitconfig
[17999 ms] 
[17999 ms] 
[17999 ms] Start: Run in container: command -v git >/dev/null 2>&1 && git config --global credential.helper '!f() { /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node /tmp/vscode-remote-containers-be67d243512592d9d465b82bbb0bffb774ca3dd8.js $*; }; f' || true
[18006 ms] 
[18006 ms] 
[18007 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.ssh/known_hosts'
[18029 ms] Start: Run in container: gpgconf --list-dir homedir
[18036 ms] /root/.gnupg
[18036 ms] 
[18037 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gnupg/pubring.kbx'
[18257 ms] Start: Run in container: # Test for /root/.ssh/known_hosts and ssh
[18266 ms] 
[18266 ms] 
[18266 ms] Start: Run in container: # Copy /home/matt/.ssh/known_hosts to /root/.ssh/known_hosts
[18273 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gnupg/trustdb.gpg'
[18276 ms] 
[18276 ms] 
[18277 ms] Start: Run in container: set -o noclobber ; mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.installExtensionsMarker' ; } 2> /dev/null
[18285 ms] 
[18286 ms] 
[18295 ms] Start: Run in container: for pid in `cd /proc && ls -d [0-9]*`; do { echo $pid ; readlink -f /proc/$pid/cwd ; xargs -0 < /proc/$pid/environ ; xargs -0 < /proc/$pid/cmdline ; } ; echo ; done 2>/dev/null
[18358 ms] Start: Run in container: /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/server.sh --disable-user-env-probe --use-host-proxy --port 0 --extensions-download-dir /root/.vscode-server/extensionsCache
[18535 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpg-connect-agent 'updatestartuptty' '/bye'
[19105 ms] 

*
* Visual Studio Code Server
*
* Reminder: You may only use this software with Visual Studio family products,
* as described in the license https://aka.ms/vscode-remote/license
*


[19147 ms] IP Address: 172.17.0.2
[19154 ms] Extension host agent listening on 33441
[19155 ms] Start: Run in container: echo 33441 >/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/.devport
[19156 ms] 

[19156 ms] [09:18:50] Extension host agent started.
[19159 ms] 
[19159 ms] 
[19162 ms] Forwarding local port 33441 to container port 33441
[19234 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=7f563296-b044-4b7b-962b-fd83edb761ab1603790309602' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[19235 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=7f563296-b044-4b7b-962b-fd83edb761ab1603790309602' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[20249 ms] [09:18:51] [::ffff:127.0.0.1][0cf0666a][ExtensionHostConnection] New connection established.
[20265 ms] [09:18:51] [::ffff:127.0.0.1][0cf0666a][ExtensionHostConnection] <144> Launched Extension Host Process.
[20486 ms] [09:18:51] [::ffff:127.0.0.1][8608d981][ManagementConnection] New connection established.
[21605 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=7f563296-b044-4b7b-962b-fd83edb761ab1603790309602' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[21859 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=7f563296-b044-4b7b-962b-fd83edb761ab1603790309602' 'e1a14f10b2f12381c5417e6686dd2aa274745156f080d85a2b771fa24b751ed3' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e'

without setting SSH_AUTH_SOCK in .bashrc

[5 ms] Remote-Containers 0.145.1 in VS Code 1.50.1 (d2e414d9e4239a252d1ab117bd7067f125afd80a).
[16 ms] Start: Resolving remote
[17 ms] Start: Run: wsl -d Ubuntu -e wslpath -u \\wsl$\Ubuntu\home\matt\projects\test
[138 ms] Start: Run: wsl -d Ubuntu
[264 ms] Setting up container for folder or workspace: /home/matt/projects/test

[267 ms] Start: Check Docker is running
[267 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'info'
[1740 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && test '-f' '/home/matt/projects/test/.devcontainer/devcontainer.json'
[1971 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/devcontainer.json'
[2215 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && git 'rev-parse' '--show-toplevel'
[2449 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'ps' '-q' '-a' '--filter' 'label=vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--filter' 'label=vsch.quality=stable'
[3478 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/Dockerfile'
[3684 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'build' '-f' '/home/matt/projects/test/.devcontainer/Dockerfile' '-t' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87' '--build-arg' 'VARIANT=buster' '/home/matt/projects/test/.devcontainer'
Sending build context to Docker daemon  4.096kB
Step 1/2 : ARG VARIANT="buster"
Step 2/2 : FROM mcr.microsoft.com/vscode/devcontainers/base:0-${VARIANT}
 ---> ad7a786dc343
Successfully built ad7a786dc343
Successfully tagged vsc-test-91925a5824d3e1df11255e3fbeae1a87:latest
[5209 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'image' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87'
[6266 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker '-v'
[7241 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'events' '--format' '{{json .}}' '--filter' 'status=start'
[7253 ms] Start: Starting container
[7253 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'run' '-a' 'STDOUT' '-a' 'STDERR' '--mount' 'type=bind,source=/home/matt/projects/test,target=/workspaces/test' '-l' 'vsch.quality=stable' '-l' 'vsch.remote.devPort=0' '-l' 'vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--entrypoint' '/bin/sh' 'vsc-test-91925a5824d3e1df11255e3fbeae1a87' '-c' 'echo Container started ; trap "exit 0" 15; while sleep 1 & wait $!; do :; done'
Container started
[8721 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'ps' '-q' '-a' '--filter' 'label=vsch.local.folder=\\wsl$\Ubuntu\home\matt\projects\test' '--filter' 'label=vsch.quality=stable'
[9519 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'container' '63573cbb1182'
[10415 ms] Start: Inspecting container
[10415 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'inspect' '--type' 'container' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa'
[11389 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=e689ab79-ef0d-4b7d-b73d-8b24eb316ef21603790471809' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/bin/sh'
[11403 ms] Start: Run in container: uname -m
[12415 ms] x86_64
[12415 ms] 
[12415 ms] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[12421 ms] PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[12422 ms] 
[12422 ms] Start: Run in container: cat /etc/passwd
[12428 ms] Start: Updating configuration state
[12429 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/projects/test/.devcontainer/Dockerfile'
[12633 ms] Start: Setup shutdown monitor
[12639 ms] Forking shutdown monitor: c:\Users\matthias.frank\.vscode\extensions\ms-vscode-remote.remote-containers-0.145.1\dist\shutdownMonitorProcess \\.\pipe\vscode-remote-containers-57db0fee1a37752b817fb1951d86bd50cd7994e8-sock singleContainer Info c:\Users\matthias.frank\AppData\Roaming\Code\logs\20201027T091137\exthost1\ms-vscode-remote.remote-containers 1603790472665
[12653 ms] Start: Run in container: test -d /root/.vscode-server
[12657 ms] 
[12658 ms] 
[12658 ms] Exit code 1
[12658 ms] Start: Run in container: test -d /root/.vscode-remote
[12662 ms] 
[12663 ms] 
[12663 ms] Exit code 1
[12664 ms] Start: Run in container: set -o noclobber ; mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[12671 ms] 
[12671 ms] 
[12671 ms] Start: Run in container: mkdir -p '/root/.vscode-server/data/Machine' && cat >'/root/.vscode-server/data/Machine/settings.json' <<'settingsJSON'
[12679 ms] 
[12680 ms] 
[12681 ms] Start: Run in container: test -d /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a
[12685 ms] 
[12685 ms] 
[12685 ms] Exit code 1
[12685 ms] Installing VS Code Server for commit d2e414d9e4239a252d1ab117bd7067f125afd80a
[12685 ms] Start: Run in container: mkdir -p /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790485350
[12691 ms] 
[12691 ms] 
[12745 ms] Start: Run in container: (dd iflag=fullblock bs=8192 count=3928 2>/dev/null; dd iflag=fullblock bs=1759 count=1 2>/dev/null) | tar --no-same-owner -xz --strip-components 1 -C /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790485350
[14752 ms] 
[14752 ms] 
[14752 ms] Start: Run in container: mv -n /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a_1603790485350 /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a
[14757 ms] 
[14757 ms] 
[14758 ms] Start: Launching Remote-Containers helper.
[14759 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpgconf '--list-dir' 'agent-extra-socket'
[14950 ms] Start: Run in container: gpgconf --list-dir agent-socket
[14954 ms] /root/.gnupg/S.gpg-agent
[14955 ms] 
[14955 ms] Start: Run in container: gpgconf --list-dir homedir
[14960 ms] /root/.gnupg
[14961 ms] 
[14962 ms] Start: Run in container: ls '/root/.gnupg/private-keys-v1.d' 2>/dev/null
[14967 ms] 
[14968 ms] 
[14968 ms] Exit code 2
[14968 ms] Start: Run in container: mkdir -p -m 700 '/root/.gnupg'
[14970 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gitconfig'
[14973 ms] 
[14973 ms] 
[14973 ms] Start: Run in container: cat <<'EOF-/tmp/vscode-remote-containers-2580a37bb33f84ee3f49d8e53b38260a3683862f.js' >/tmp/vscode-remote-containers-2580a37bb33f84ee3f49d8e53b38260a3683862f.js
[14974 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpgconf '--list-dir' 'homedir'
[14979 ms] 
[14979 ms] 
[14979 ms] Start: Run in container: cat <<'EOF-/tmp/vscode-remote-containers-server-2580a37bb33f84ee3f49d8e53b38260a3683862f.js' >/tmp/vscode-remote-containers-server-2580a37bb33f84ee3f49d8e53b38260a3683862f.js
[14989 ms] 
[14989 ms] 
[14989 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'REMOTE_CONTAINERS_SOCKETS=["/root/.gnupg/S.gpg-agent"]' '-e' 'REMOTE_CONTAINERS_IPC=/tmp/vscode-remote-containers-ipc-2580a37bb33f84ee3f49d8e53b38260a3683862f.sock' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '/tmp/vscode-remote-containers-server-2580a37bb33f84ee3f49d8e53b38260a3683862f.js'
[15283 ms] Start: Run in container: # Test for /root/.gitconfig and git
[15289 ms] 
[15289 ms] 
[15289 ms] Start: Run in container: gpgconf --list-dir homedir
[15294 ms] /root/.gnupg
[15295 ms] 
[15295 ms] Start: Run in container: # Copy /home/matt/.gitconfig to /root/.gitconfig
[15295 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gnupg/pubring.kbx'
[15303 ms] 
[15303 ms] 
[15304 ms] Start: Run in container: command -v git >/dev/null 2>&1 && git config --global credential.helper '!f() { /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node /tmp/vscode-remote-containers-2580a37bb33f84ee3f49d8e53b38260a3683862f.js $*; }; f' || true
[15311 ms] 
[15312 ms] 
[15312 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.ssh/known_hosts'
[15510 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && cat '/home/matt/.gnupg/trustdb.gpg'
[15522 ms] Start: Run in container: # Test for /root/.ssh/known_hosts and ssh
[15528 ms] 
[15528 ms] 
[15528 ms] Start: Run in container: # Copy /home/matt/.ssh/known_hosts to /root/.ssh/known_hosts
[15535 ms] 
[15536 ms] 
[15537 ms] Start: Run in container: set -o noclobber ; mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.installExtensionsMarker' ; } 2> /dev/null
[15543 ms] 
[15543 ms] 
[15548 ms] Start: Run in container: for pid in `cd /proc && ls -d [0-9]*`; do { echo $pid ; readlink -f /proc/$pid/cwd ; xargs -0 < /proc/$pid/environ ; xargs -0 < /proc/$pid/cmdline ; } ; echo ; done 2>/dev/null
[15589 ms] Start: Run in container: /root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/server.sh --disable-user-env-probe --use-host-proxy --port 0 --extensions-download-dir /root/.vscode-server/extensionsCache
[15745 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && gpg-connect-agent 'updatestartuptty' '/bye'
[16375 ms] 

*
* Visual Studio Code Server
*
* Reminder: You may only use this software with Visual Studio family products,
* as described in the license https://aka.ms/vscode-remote/license
*


[16406 ms] IP Address: 172.17.0.2
[16414 ms] Extension host agent listening on 44805
[16415 ms] Start: Run in container: echo 44805 >/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/.devport
[16416 ms] 

[09:21:28] Extension host agent started.
[16418 ms] 
[16419 ms] 
[16421 ms] Forwarding local port 44805 to container port 44805
[16489 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=e689ab79-ef0d-4b7d-b73d-8b24eb316ef21603790471809' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[16490 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=e689ab79-ef0d-4b7d-b73d-8b24eb316ef21603790471809' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[17477 ms] [09:21:29] [::ffff:127.0.0.1][5686d8f9][ExtensionHostConnection] New connection established.
[17490 ms] [09:21:29] [::ffff:127.0.0.1][5686d8f9][ExtensionHostConnection] <147> Launched Extension Host Process.
[17578 ms] [09:21:29] [::ffff:127.0.0.1][388220a2][ManagementConnection] New connection established.
[18685 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=e689ab79-ef0d-4b7d-b73d-8b24eb316ef21603790471809' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '
[18940 ms] Start: Run: wsl -d Ubuntu -e /bin/sh -c cd '/home/matt/projects/test' && docker 'exec' '-i' '-u' 'root' '-e' 'VSCODE_REMOTE_CONTAINERS_SESSION=e689ab79-ef0d-4b7d-b73d-8b24eb316ef21603790471809' '63573cbb1182615b76cce4864e12cc91cc4796ba7cbaa617b07dad756581d8aa' '/root/.vscode-server/bin/d2e414d9e4239a252d1ab117bd7067f125afd80a/node' '-e' '

@chrmarti
Copy link
Contributor

What do you get when you run the following in PowerShell:

wsl -d Ubuntu -e /bin/bash -lc printenv | findstr SSH_AUTH_SOCK

@PavelSosin-320
Copy link

@chrmarti It can be an issue with iptables configuration behind Docker port mapping. In the recent Docker Desktop version running on the Linux 4.9 WSL Kernel. I was surprised to see that WSL Docker daemon really manages iptables.I'm not a Linux security specialist and from 1st look iptables -L on Docker-desktop distro shows that everything allowed in both directions but iptables interpretation is the real hell. The documentation provided by Docker in the Docker Networking part talks about how to config iptables for access to container ports outside. In the distro-to-distro scenario where client and server can communicate either via WSL VM localhost or docker.host.internal, I suppose the second option is more reliable.
Google found me many cases when it doesn't work.
I suppose, Docker bridges containers to the WSL interface but if lo interface of the second distro is connected to the Docker0 is a question. docker.host.internal looks more reliable - it defined for every distro in the /etc/hosts file by WSL

@mattcrn
Copy link
Author

mattcrn commented Oct 27, 2020

What do you get when you run the following in PowerShell:

wsl -d Ubuntu -e /bin/bash -lc printenv | findstr SSH_AUTH_SOCK

Gives me SSH_AUTH_SOCK=/tmp/ssh-RMJkTaAOWyE4/agent.227

@chrmarti
Copy link
Contributor

@mattcrn Do you have socat installed in the WSL distro?

@mattcrn
Copy link
Author

mattcrn commented Oct 27, 2020 

socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.3.3 on Oct 26 2019 17:42:04
   running on Linux version #1 SMP Wed Feb 19 06:37:35 UTC 2020, release 4.19.104-microsoft-standard, machine x86_64

@PavelSosin-320
Copy link

The intra-container network is 100% isolated from the host unless it is Docker on Linux and network=host.
Daemon guards its network using iptables. Try docker exec ... ip a You will see lo and eth0 of bridge interfaces y the default.
Docker developers are not so stupid to leave a backdoor.
Forget about lo -this is only for intra container IPC.
So, the only chance is to use docker.host.internal which the WSL VM IP to which all containers are connected via Docker bridge - see ip a inside Docker-desktop distro.
Docker network inspect ?bridge explains almost everything including containers attached to it.
The Docker's default is always bridge - see docker network ls.
If you will try to use Host Machine IP its firewall will block you between Host eth0 and WSL vEthernet. This scenario is excluded by WSL design.
To access outer Docker from WSL the outgoing access has to be opened from WSL VM IP by the host
For reliable outgoing access from the docker container a reverse proxy is must and additional docker client configuration.
Integration between Docker desktop and other WSL distro means: use docker.host.internal.

@chrmarti
Copy link
Contributor

@mattcrn Make sure you have 'Inherit Env' enabled in the settings (it is enabled by default):
image

@chrmarti
Copy link
Contributor

@PavelSosin-320 We are using socket paths here and set up our own backward channel.

@PavelSosin-320
Copy link

PavelSosin-320 commented Oct 28, 2020
edited
Loading

I afraid socat will not help you because DockerDektop-for Win by default listens npipe - see docker context ls only for ephemeral performance gain.
I added tcp://0.0.0.0:2375 to the docker daemon configuration and it improved the situation.
I can hardly believe that docker.sock which belongs to a different filesystem can be shared so easily.
Normally, Docker assumes that only users that belong to the docker group can share docker socket. Maybe, root?
The only unix docker.sock I found in the Docker desktop distro is in /run/guest-services and its owner is root.

@mattcrn
Copy link
Author

mattcrn commented Oct 28, 2020

@mattcrn Make sure you have 'Inherit Env' enabled in the settings (it is enabled by default):
image

It is enabled.

@chrmarti
Copy link
Contributor

Do you have some other shell set as the default than bash? We run wsl -d Ubuntu and then in there run printenv to read the SSH_AUTH_SOCK (and all other env variables). My remaining guess is that we somehow don't get at that variable. Could you run:

wsl -d Ubuntu
printenv | grep SSH_AUTH_SOCK

@mattcrn
Copy link
Author

mattcrn commented Oct 29, 2020

SSH_AUTH_SOCK=/tmp/ssh-wONNcoL3dZYw/agent.27

@mattcrn
Copy link
Author

mattcrn commented Oct 29, 2020

Is anybody able to reproduce this problem?

@lbssousa
Copy link

I've did the following steps to make WSL2 ssh-agent forwarding to devcontainer work in my WSL distro (Ubuntu 20.04):

  1. Install socat and keychain in my WSL distro

  2. Put the following in my ~/.profile:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
    # include .bashrc if it exists
    if [ -f "$HOME/.bashrc" ]; then
        . "$HOME/.bashrc"
    fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
    PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
    PATH="$HOME/.local/bin:$PATH"
fi

eval $(keychain --eval --agents ssh id_rsa)
  1. Comment out the following lines in ~/.bashrc:
# If not running interactively, don't do anything
#case $- in
#    *i*) ;;
#      *) return;;
#esac
  1. Before opening VSCode, open a new WSL shell in Windows Terminal. It will run keychain and ask my SSH passphrase for the first time.

After that, my ssh-agent forwarding from WSL2 distro to devcontainer works properly.

@mattcrn
Copy link
Author

mattcrn commented Oct 30, 2020
edited
Loading

@lbssousa, your solution didn't exactly work for me but just installing keychain (I already had socat) and putting

eval $(keychain --eval --agents ssh id_rsa)

at the top of my .bashrc did the trick for me.

@chrmarti
Copy link
Contributor

Just in case this is useful for someone else: The answer to https://stackoverflow.com/questions/18880024/start-ssh-agent-on-login also appears to work well. Thanks.

@chrmarti chrmarti added *question Issue represents a question, should be posted to StackOverflow (VS Code) and removed info-needed Issue requires more information from poster labels Oct 30, 2020
@mattcrn
Copy link
Author

mattcrn commented Oct 30, 2020

Since this is an integral ingredient of the devcontainer workflow promoted by vs-code It would make sense to provide a solution in the docs for this.

@chrmarti
Copy link
Contributor

Having eval $(keychain --eval) in your .profile or .bash_profile works nicely. Thanks @lbssousa.

@Chuxel Should we mention it here: https://code.visualstudio.com/docs/containers/ssh ?

@chrmarti chrmarti added doc and removed *question Issue represents a question, should be posted to StackOverflow (VS Code) labels Nov 4, 2020
@chrmarti chrmarti assigned Chuxel and unassigned chrmarti Nov 4, 2020
@chrmarti
Copy link
Contributor

chrmarti commented Nov 4, 2020

Reopening for the doc suggestion.

@chrmarti chrmarti reopened this Nov 4, 2020
@ross-p-smith
Copy link

I've been able to replicate this when I was using zsh as my shell. The environment variable SSH_AUTH_SOCK was not being passed through even with the Inherit Env setting. As soon as I used chsh to change back to bash it worked.

@chrmarti
Copy link
Contributor

@ross-p-smith Try placing your ssh-agent startup in ~/.zprofile. We use a non-interactive login shell to extract SSH_AUTH_SOCK and that sources ~/.zprofile, but not ~/.zshrc.

@tl-jakecross
Copy link

tl-jakecross commented Jul 7, 2021
edited
Loading

Just in case this is useful for someone else: The answer to https://stackoverflow.com/questions/18880024/start-ssh-agent-on-login also appears to work well. Thanks.

What is it about this that makes it work, that all the other methods I've tried today don't work?
I've set up ssh-agent in numerous ways, across bashrc and bash_profile, with socat, without socat... until this, nothing has worked.

It's great that this method works, but why this over the numerous other snippets people suggest to add to your init scripts?

@madalinignisca
Copy link

Just out of curiosity. I do a slightly different approach. I have a devcontainers recipe which provides a volume for the project.
In it, I clone the project from git.

This way I keep my ssh, git and pgp things in windows, and all are forwarded to the devcontainer nicely (ssh-agent service enabled).

But when running from WSL2 filesystem, VSCode is using ssh, git and pgp from the distro the devcontainers folder is hosted in.

I find it a bit annoying, not to have an option to tell VSCode to always use my gitconfig, ssh config, know_hosts and agent, and pgp from Windows, like it does for devcontainers folder hosted on windows fs.

For everybody having all setup in Windows, I think it would do a huge help to have that switch, as the official docs already provide perfect guidance how to prepare your windows host for devcontainers. It simply breaks the minute u have the folder in wsl2...

Can you postpone and work on using also ssh, git and pgp from wsl2 after u allow people that completed all settings according to the current official docs to benefit of this automation from both windows fs and wsl fs?

@chrmarti chrmarti mentioned this issue Sep 20, 2021
Closed
@chrmarti
Copy link
Contributor

chrmarti commented Jan 3, 2022
edited
Loading

The key difficulty here was that the ssh-agent had to be started also for a non-interactive login shells (using, e.g., ~/.profile, ~/.bash_profile or ~/.zprofile). We have updated our code to use an interactive login shell, so this now also works when the ssh-agent is started in ~/.bashrc, ~/.zshrc or similar for other shells. (Starting the ssh-agent also for non-interactive login shells still seems to be correct recommendation, so https://code.visualstudio.com/docs/remote/containers#_using-ssh-keys is still accurate.)

Closing as the main concern has been fixed as part of #2994 in code. Thanks.

Opened #5610 to track @madalinignisca 's suggestion.

@chrmarti chrmarti closed this as completed Jan 3, 2022
@github-actions github-actions bot locked and limited conversation to collaborators Feb 17, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@Chuxel Chuxel

Labels
containers Issue in vscode-remote containers doc
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@Chuxel @madalinignisca @lbssousa @ross-p-smith @chrmarti @mattcrn @tl-jakecross @PavelSosin-320