I noticed that rng-tools or haveged are required on the host machine for the Docker container to work properly. However, it seems like neither of those is available for Windows, which makes passbolt not work with Docker for Windows. Has anyone found a way around this? Is it possible to compile either of those tools on Windows and put them somewhere that the container can see it (PATH)?
rng-tools or haveged are required in case you don’t have enough entropy on your virtualization platform to generate your gpg key.
I’m not familiar with the Windows alternatives to rng-tools or haveged, but one option you have is to generate the GPG key on your Windows host, export it as an asc file and mount it on your containers.
Some other alternatives would be to run haveged/rng-tools in a container with privileged mode enabled. Use this option with caution as running privileged containers has security implications.
Hello! If all I need is the asc file, then I can just do that on a Linux box and move it over to the Windows one, not a problem. When I read the docs, they made it seem like the container was somehow calling haveged on the host on its own and not just expecting a mapped asc file. It seems to do this every time I restart the container though. If it is creating this file on its own, why does it not just store it?
The Passbolt docker container creates a default gpg keyring on startup; this is the step where entropy is required, and it is also the reason why haveged or rng-tools are suggested.
On the other hand, you can mount a pre-created gpg key, but doing this does not prevent you from running out of entropy: passbolt requires a certain amount of randomness in the process of authentication, so just be aware of this.
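The approach suggested in the thread (generate the GPG key on another machine, export it as asc files, mount them into the container), sketched as an added example that is not part of the original posts or of passbolt's own tooling. The function names, key parameters, output file names and the entropy threshold of 256 are assumptions; it expects a Linux box with GnuPG 2.1 or later.

```shell
#!/bin/sh
# Added example: pre-generate a server GPG key and export it as .asc files.
# Names, key sizes, file names and the threshold are illustrative assumptions.

# entropy_ok FILE MIN: succeed if the entropy estimate stored in FILE is >= MIN.
entropy_ok() {
    avail=$(cat "$1" 2>/dev/null) || return 2
    [ "$avail" -ge "$2" ]
}

# write_key_params NAME EMAIL OUTFILE: write an unattended key-generation
# parameter file for `gpg --batch --generate-key` (no passphrase, assumed
# here because the key has to be usable by a non-interactive service).
write_key_params() {
    cat > "$3" <<EOF
%no-protection
Key-Type: RSA
Key-Length: 3072
Subkey-Type: RSA
Subkey-Length: 3072
Name-Real: $1
Name-Email: $2
Expire-Date: 0
%commit
EOF
}

# generate_and_export NAME EMAIL OUTDIR: build the key in a throwaway keyring
# and write the armored public and private keys into OUTDIR.
# The body runs in a subshell so umask and GNUPGHOME do not leak to the caller.
generate_and_export() (
    umask 077
    GNUPGHOME=$(mktemp -d) || exit 1
    export GNUPGHOME
    write_key_params "$1" "$2" "$GNUPGHOME/params" || exit 1
    entropy_ok /proc/sys/kernel/random/entropy_avail 256 ||
        echo "warning: low or unreadable entropy estimate; key generation may stall" >&2
    gpg --batch --generate-key "$GNUPGHOME/params" || exit 1
    gpg --armor --export "$2" > "$3/serverkey.asc" || exit 1
    gpg --armor --export-secret-keys "$2" > "$3/serverkey_private.asc" || exit 1
    rm -rf "$GNUPGHOME"
)
```

Call it as `generate_and_export "Passbolt Server" admin@example.test ./keys`, then mount the two files at the locations the image's documentation specifies. The private key file is unencrypted, so keep it readable only by the account that runs the container.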