LXD/LXC SSH configuration

Configuring ssh config to connect to LXD/LXC running containers:

Enable your public keys on container ssh access point

On a running container

Add your ssh public key to the running container you want to connect to:

lxc file push ~/.ssh/id_<xxx>.pub u1/home/ubuntu/.ssh/authorized_keys

On a dedicated profile

You can add your SSH public key into an LXD profile. To do so on the default profile:

lxc profile edit default

And add your public SSH key (found in ~/.ssh/id_<xxx>.pub):

config:
  user.user-data: |
    #cloud-config
    ssh_authorized_keys: <place your ssh public key here>

Make SSH connection even smoother

Add a dedicated helper script for lxd ssh connections:

mkdir -p ~/Developments/canonical/scripts/
cd ~/Developments/canonical/scripts/
wget https://gist.githubusercontent.com/basak/72b87a5b619a100ace1476715bfc5b18/raw/d716f711a152a71d9a0eaae5fb932f83ff1c03d7/lxd-ssh.sh
chmod +x lxd-ssh.sh
sudo ln -s ~/Developments/canonical/scripts/lxd-ssh.sh /usr/local/bin/lxd-ssh

Update your ~/.ssh/config :

Host *.lxd
  User ubuntu
  ProxyCommand lxd-ssh %h
  StrictHostKeyChecking no
  IdentityFile /home/<user>/.ssh/id_rsa-lxd
  ForwardAgent yes

ForwardAgent entry will allow you to get the host ssh key available inside the VM and containers you connect to. (for example allowing you to clone GitHub repositories through ssh).

Then you can connect on running container u1 with:

ssh u1.lxd

Going further

It might be interesting to integrate ssh-import-id for the public key importation.