
vscode how to disable .ssh exposure into devcontainer?

By default vscode "Dev Containers" extension seems to expose the contents of ~/.ssh/known_hosts and all my ssh keys ssh-add -l (all private keys not added to ssh-agent) of my local machine to the dev container that is being created.

This seems to be a feature established sometime in 2019. However there is no trace of documentation how this can be disabled.

The GitHub issue referenced above does refer to remote extensions however the remote-ssh isn't installed on my vscode profile.

The vscode v1.41 release notes state:

Forwarding SSH agent

The local SSH agent is now forwarded into the container. For example, if you are using SSH to checkout your repository, Git support seamlessly works when opening the folder in a container and the key is registered with the local SSH agent.

Does anybody know how to disable this?

The setting from vscode "Remote - SSH" extension "remote.SSH.enableAgentForwarding": false doesn't seem to be working.

bugrasan asked Feb 20 '26 01:02


1 Answer

It's hard to overstate how serious and damning of a gaping security hole this is. This "helpful" behavior is hardly documented and there is no official way to disable it. Truly a disgrace.

Here's what I did to mitigate the issue.

I have a setup.sh helper script which does, among other things:

    # Force remove VS Code injected SSH socket files
    find /tmp -maxdepth 1 -name 'vscode-ssh-auth-*.sock' -delete

I call it from devcontainer.json like so:

    "postCreateCommand": "bash .devcontainer/setup.sh",

For good measure, I also nuke the SSH_AUTH_SOCK environment variable:

    "containerEnv": {
        "SSH_AUTH_SOCK": ""
    }

I don't know if vscode opens other gaping security holes by other instances of this kind of ingenious stupidity, but at least this fix helps against obvious exploits (ssh production-server.com).

jd99 answered Feb 22 '26 22:02
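A check for the mitigation in the answer above, as an added example that is not part of the original answer: run inside the container, it reports leftover socket files matching the answer's name pattern, a non-empty SSH_AUTH_SOCK, and whether an agent still answers on that socket. The function names and the script name check-agent.sh are assumptions; the agent test relies on ssh-add's documented exit status 2 for "cannot contact the agent".

```bash
#!/usr/bin/env bash
# Added example (not from the original answer): confirm inside the dev
# container that no forwarded SSH agent is left. Function names are assumptions.

# Print leftover socket files in DIR, using the name pattern from the answer.
list_agent_sockets() {
    find "$1" -maxdepth 1 -name 'vscode-ssh-auth-*.sock' 2>/dev/null
}

# Succeed only if an agent answers on SOCK. ssh-add exits 2 when it cannot
# contact an agent; 0 (keys listed) or 1 (no keys) mean an agent replied.
agent_reachable() {
    [ -n "$1" ] || return 1
    command -v ssh-add >/dev/null 2>&1 || return 1
    local rc=0
    SSH_AUTH_SOCK="$1" ssh-add -l >/dev/null 2>&1 || rc=$?
    [ "$rc" -ne 2 ]
}

# Report every finding; the return value is the number of findings (0 = clean).
check_agent_exposure() {
    local dir="$1" sock="$2" findings=0 leftover
    leftover="$(list_agent_sockets "$dir")"
    if [ -n "$leftover" ]; then
        echo "FAIL: agent socket files still present in $dir:"
        echo "$leftover"
        findings=$((findings + 1))
    fi
    if [ -n "$sock" ]; then
        echo "FAIL: SSH_AUTH_SOCK is set to '$sock'"
        findings=$((findings + 1))
    fi
    if agent_reachable "$sock"; then
        echo "FAIL: an SSH agent answers on '$sock'"
        findings=$((findings + 1))
    fi
    if [ "$findings" -eq 0 ]; then
        echo "OK: no socket files, SSH_AUTH_SOCK empty, no agent reachable"
    fi
    return "$findings"
}

# Run as: bash check-agent.sh /tmp   (exit status 0 means clean)
if [ "$#" -gt 0 ]; then
    check_agent_exposure "$1" "${SSH_AUTH_SOCK:-}"
fi
```

Running it from a terminal in the container after setup.sh has finished shows whether the cleanup and the containerEnv override both took effect in that session.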


