SSH

Workspaces are configured with an SSH agent, which runs an SSH daemon within your workspace runtime. You can connect to your workspace on the command line and get root access to the runtime (similar to what the Web terminal provides) from other machines. You can optionally disable the SSH agent for your workspace from within the dashboard.

Public / Private Key Generation

If your workspace has the SSH agent activated in the dashboard, then Codenvy runs an SSH daemon within the machines that are part of your workspace. The SSH agent is activated by default with all new workspaces and you can manually disable it within the dashboard. If your workspace is powered by Docker Compose, then the SSH agent is deployed into every container that makes up your compose services. You can optionally remove the SSH agent from selected machines of your compose services from within the dashboard.

Each new workspace has a default key-pair generated for it. The private key is inserted into each machine of a workspace and they will all share the same public key. You can generate a new key-pair in the dashboard, or remove the default one to be replaced with yours. Replacing machine’s key-pair requires restart of workspace if workspace is running.

ssh-delete-create-keypair.gif

API clients must be authenticated with appropriate permissions before they can request the private key for a workspace.

We provide an optional ssh client built into cli for connecting to a workspace using SSH.

List Workspaces

You can get a list of workspaces in a Codenvy server that have an SSH agent deployed. These are the workspaces that you can SSH into.

$ docker run -ti <volume-mounts> codenvy/cli action list-workspaces [parameters] 

NAME                      ID                         STATUS
wksp-v4l8(No Sync Agent)  workspaceolhvwg1bjuepyfar  RUNNING

# Parameters
    --url <url>           # Codenvy host where workspaces are running
    --user <login email>        # Codenvy user name
    --password <login password> # Codenvy password

Connect

You can connect to your workspace using our Docker CLI container or your off-the-shelf SSH client such as ssh on Linux/Mac or putty on Windows.

One nice aspect of our SSH capabilities is that they are all done inside of a Docker container, letting any OS connect to a Che workspace using the same sytnax without the user having to install specialized tools for each OS.

SSH With CLI

# Connect to the machine in a workspace that is designated as the dev machine.
# Each workspace always has one machine that is a dev machine with a dev agent on it.
$ docker run -ti <volume-mounts> codenvy/cli action ssh <workspace> [machine-name] [parameters] 

# Arguments
    workspace             # Workspace name or id.  
    machine-name          # Connect to a secondary machine in the workspace(docker compose)
# Parameters
    --url <url>           # Codenvy host where workspaces are running
    --user <login email>        # Codenvy user name
    --password <login password> # Codenvy password

SSH With Native Tools

If you want to use your native SSH tools to connect to a workspace, you can get the connectivity information that you need to use through the dashboard as described in Public/Private Key Generation section on this page or using CLI described below. You can then pass this information into ssh or putty to make a direct connection.

# Connect to the machine in a workspace that is designated as the dev machine.
# Each workspace always has one machine that is a dev machine with a dev agent on it.
$ docker run -ti <volume-mounts> codenvy/cli action get-ssh-data <ws-name> 
SSH_IP=192.168.65.2
SSH_PORT=32900
SSH_USER=user
SSH_PRIVATE_KEY='
-----BEGIN RSA PRIVATE KEY-----
ws-private-key-listed-here
-----END RSA PRIVATE KEY-----
'

# Arguments
    workspace             # Workspace name or id.               
    machine-name          # Connect to a secondary machine in the workspace(docker compose)
# Parameters
    --url <url>           # Codenvy host where workspaces are running
    --user <login email>        # Codenvy user name
    --password <login password> # Codenvy password