SSH key management

If you use tools of which authentication is made by SSH keys, it is significant that Themis may access to a pair of public and private keys. However, we recommend to use keys generated on the host machine of the container. 

Indeed, a Docker container being led up to be recreated at every update, it is necessary that the files are persisted even if the container disappears. The solution that we recommend is to use a mapping of Docker volume involving the $HOME/.ssh file of the user of the host machine that deploys Themis. Resume the docker-compose.yml configuration file (more information on that page), and add a volumes section in the description of the Themis service, as specified in the example file below:

    container_name: themis-container
- THEMIS_URL=http://localhost:3001 - WEB_SOCKET_PORT=3000 - WEB_SOCKET_HOST=localhost depends_on: - mongodb ports: - 3022:3000 - 3023:3001 volumes_from: - dataonly volumes: # Add this line - ~/.ssh:/home/themis/.ssh # Add this line
Was this article helpful?
1 out of 2 found this helpful



Please sign in to leave a comment.