docker-ansible
ForwardAgent option does not work
Context
I share my local ~/.ssh directory to the ansible-tool image this way.
alias ansible-playbook='docker run --rm -it -e USER=ansible -e MY_UID=1000 -e MY_GID=1000 -v ${HOME}/.ssh/:/home/ansible/.ssh/ -v $(pwd):/data cytopia/ansible:latest-tools ansible-playbook'
The problem is
And I'm trying to clone my git repo and I get Cloning into '/var/www'...\[email protected]: Permission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.
sshd config at server
cat /etc/ssh/sshd_config | grep AllowAgentForwarding
AllowAgentForwarding yes
the shared local ssh config ~/.ssh/config
Host *
StrictHostKeyChecking no
ForwardAgent yes
ansible.cfg
[ssh_connection]
ssh_args= -o ForwardAgent=yes -o StrictHostKeyChecking=no -o ControlMaster=auto -o ControlPersist=60s
/etc/sudoers
cat /etc/sudoers | grep SSH
Defaults env_keep += "SSH_AUTH_SOCK"
When I connect to the server via ssh traditionally, the forwarding of my local ssh key works correctly and the cloning of the git repo works.
@trocho just to be able to fully reproduce this on my end, do you have a password set on your key?
@trocho
If the ssh agent runs outside docker, you also have to pass the socket and export a new SSH_AUTH_SOCK to the mounted volume.
docker "your other options" \
-v $SSH_AUTH_SOCK:/ssh-agent --env SSH_AUTH_SOCK=/ssh-agent \
"other stuff for docker cmd"
Hope that helps.
I have added this to the Readme's documentation: https://github.com/cytopia/docker-ansible/pull/125
Thanks @Sylvain303 for the ssh-agent mount !
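A wrapper that combines the alias from the issue with the agent-socket mount from the reply, and stops with a clear message when the host has no usable agent instead of failing later with "Permission denied (publickey)" on the remote. This is an added example, not code from the thread or the project; the function names are hypothetical, while the image, environment variables and the /ssh-agent path are the ones shown above.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): preflight check + docker wrapper.
# check_agent and ansible_playbook_docker are hypothetical names.

# Return 0 only if the host ssh-agent can be forwarded into the container.
check_agent() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
        echo "SSH_AUTH_SOCK is not set: there is no agent to forward" >&2
        return 1
    fi
    if [ ! -S "$SSH_AUTH_SOCK" ]; then
        echo "$SSH_AUTH_SOCK is not a socket" >&2
        return 1
    fi
    # ssh-add -l exits 1 when the agent holds no identities and
    # 2 when the agent cannot be contacted.
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0) return 0 ;;
        1) echo "agent has no identities loaded (run ssh-add first)" >&2 ;;
        *) echo "cannot query the agent at $SSH_AUTH_SOCK (ssh-add exit $rc)" >&2 ;;
    esac
    return 1
}

# Same options as the alias in the issue, plus the agent socket mount.
ansible_playbook_docker() {
    check_agent || return 1
    docker run --rm -it \
        -e USER=ansible -e MY_UID=1000 -e MY_GID=1000 \
        -v "${HOME}/.ssh/:/home/ansible/.ssh/" \
        -v "$(pwd):/data" \
        -v "${SSH_AUTH_SOCK}:/ssh-agent" \
        -e SSH_AUTH_SOCK=/ssh-agent \
        cytopia/ansible:latest-tools ansible-playbook "$@"
}
```

After sourcing the file, call `ansible_playbook_docker` with the same arguments you would pass to `ansible-playbook`.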