Is there a `ssh-add` Linux Alpine one liner

You have to quote the variable in your first command:

echo "$SSH_PRIVATE_KEY" | ssh-add -
     ^----------------^

Or specify - as the filename in your second command:

printf '%s\n' "$SSH_PRIVATE_KEY" | ssh-add -
                                      -----^

Running OpenSSH in an Alpine Docker Container

A container is not a fully installed environment.
The official documentation is for Alpine installed on a machine,
with power-on, boot-up services, etc. that a container does not have.

So anything in /etc/init.d/, which is used by the boot-up service (like systemd, or Alpine's rc*), cannot be used directly in a container. That's why you got error messages: rc* isn't installed in the container.

What you need to do is start sshd manually.
You can take a look at the example below:

https://hub.docker.com/r/danielguerra/alpine-sshd/~/dockerfile/

How to login by ssh in Alpine Linux without passwords?

You indicated in a comment that this user "zym" has UID 0. You also show that zym's home directory and .ssh directory are owned by UID 1000:

drwxr-sr-x    3 1000     zym           4096 May 16 15:04 .
drwxr-xr-x    3 root     root          4096 May 16 14:44 ..
-rw-------    1 1000     zym            251 May 16 15:04 .ash_history
drwx------    2 1000     zym           4096 May 16 14:56 .ssh

The OpenSSH server enforces strict permissions on the authorized_keys file:

~/.ssh/authorized_keys
Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used for logging in as this user. The format of this file is described above. The content of the file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others.

If this file, the ~/.ssh directory, or the user's home directory are writable by other users, then the file could be modified or replaced by unauthorized users. In this case, sshd will not allow it to be used unless the StrictModes option has been set to “no”.

The actual permissions-checking performed by sshd is complicated. But basically it checks for two things:

  1. The authorized_keys file must be owned by the user logging in, and it must not be group- or world-writable.
  2. The directory containing authorized_keys, the .ssh directory, and the home directory must be owned by root or the user logging in, and must not be group- or world-writable.

The OpenSSH server is probably ignoring your authorized_keys file because these requirements aren't being met. You're trying to log in as a user with UID 0, while the authorized_keys file, .ssh directory, and home directory are owned by a different UID.

You can fix this by making the UIDs match. Either set "zym" to have UID 1000, or change zym's home directory and the files contained there to be owned by zym's actual UID of 0.

Alternately, you can disable this permissions check by setting StrictModes to "no" in sshd_config on the server and restarting sshd.
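
The two rules listed in the answer above can be checked from a shell before changing sshd_config. The script below is an added example, not part of the original answer; check_one and check_strict_modes are hypothetical helper names, and it covers only those two rules, not everything sshd's StrictModes does.

```sh
#!/bin/sh
# Added example: audits home, ~/.ssh and authorized_keys against the two
# rules from the answer. Usage: script HOME_DIR NUMERIC_UID

# check_one PATH UID ALLOW_ROOT: print a finding and return 1 on violation.
check_one() {
    p=$1 want=$2 allow_root=$3
    # ls -ldn prints "<mode> <links> <uid> <gid> ..." with numeric IDs.
    line=$(ls -ldn -- "$p" 2>/dev/null) || { echo "MISSING  $p"; return 1; }
    read -r mode links owner rest <<EOF
$line
EOF
    rc=0
    # Owner must be the login UID; directories may also be owned by root.
    if [ "$owner" != "$want" ] &&
       { [ "$allow_root" != yes ] || [ "$owner" != 0 ]; }; then
        echo "OWNER    $p is owned by UID $owner, expected $want"
        rc=1
    fi
    # Character 6 of the mode string is group write, character 9 world write.
    case $mode in
        ?????w*)    echo "GROUP-W  $p ($mode)"; rc=1 ;;
    esac
    case $mode in
        ????????w*) echo "WORLD-W  $p ($mode)"; rc=1 ;;
    esac
    return $rc
}

# check_strict_modes HOME UID: returns 0 only if all three paths pass.
check_strict_modes() {
    home=$1 uid=$2 bad=0
    check_one "$home" "$uid" yes || bad=1
    check_one "$home/.ssh" "$uid" yes || bad=1
    check_one "$home/.ssh/authorized_keys" "$uid" no || bad=1
    return $bad
}

# Run the audit only when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    check_strict_modes "$1" "$2"
fi
```

For the case in the question, passing zym's home directory and UID 0 reports an OWNER finding for each path owned by UID 1000.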

Using SSH keys inside docker container

Turns out when using Ubuntu, the ssh_config isn't correct. You need to add

RUN echo "    IdentityFile ~/.ssh/id_rsa" >> /etc/ssh/ssh_config

to your Dockerfile in order to get it to recognize your ssh key.

Installing ssh-keyscan on Alpine linux?

The command you're looking for is actually ssh-keyscan and you can easily find it using pkgs.alpinelinux.org/contents.

Setup Docker Container with SSH server?

In order to start, the SSH daemon does need host keys.

Those do not represent the keys that you are going to use to connect to your container, just the keys that define this specific host.

A host key is a cryptographic key used for authenticating computers in the SSH protocol.

Source: https://www.ssh.com/ssh/host-key

So you have to generate some keys for your host; you can then safely ignore those if you do not really intend to use them.

Generating those keys can be done via

ssh-keygen -A

So in your image, just adding a

RUN ssh-keygen -A

should do.


For the record, here is my own sshd Alpine image:

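FROM alpine

# openssl is installed explicitly for the `openssl rand` call below
# (assumption: the base image does not ship the openssl CLI).
RUN apk add --no-cache \
      openssh \
      openssl \
    && ssh-keygen -A \
    && mkdir /root/.ssh \
    && chmod 0700 /root/.ssh \
    && echo "root:$(openssl rand 96 | openssl enc -A -base64)" | chpasswd \
    && ln -s /etc/ssh/ssh_host_ed25519_key.pub /root/.ssh/authorized_keys

EXPOSE 22

# Run sshd in the foreground (-D) and log to stderr (-e)
CMD ["/usr/sbin/sshd", "-D", "-e"]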

Extra notes:

  • I am reusing the SSH keys generated by ssh-keygen -A, exposing them in a volume; this is the reason why I am running the command:
    ln -s /etc/ssh/ssh_host_ed25519_key.pub /root/.ssh/authorized_keys
  • Because this is just an Ansible node cluster lab, I am SSH'ing into this machine as the root user; this is why I need the quite insecure
    echo "root:$(openssl rand 96 | openssl enc -A -base64)" | chpasswd

