VS Code has become my favourite editor as of late, however, using it out of a Flatpak environment on Fedora Silverblue is limited. You can configure the built-in terminal to run in Toolbox, but that doesn’t help if extensions need tooling installed.

Copying the approach of CLion and WSL, this is a straight-forward how-to for container-based development in VS Code.

First, create and enter a toolbox. Once inside, we need to install and configure the SSH server.

⬢[user@toolbox ~]$ sudo dnf install openssh-server

On a regular Fedora system, launching sshd with systemctl would trigger sshd-keygen.target. We can’t do this in Toolbox, so we have to do it manually.

⬢[user@toolbox ~]$ sudo /usr/libexec/openssh/sshd-keygen rsa
⬢[user@toolbox ~]$ sudo /usr/libexec/openssh/sshd-keygen ecdsa
⬢[user@toolbox ~]$ sudo /usr/libexec/openssh/sshd-keygen ed25519

Inside /etc/ssh/sshd_config, ensure these options are set (assuming you are running Fedora 33 inside):

# For VS Code
Port 2233                 # Prevent conflicts with other SSH servers
ListenAddress localhost   # Don’t allow remote connections
PermitEmptyPasswords yes  # Containers lack passwords by default
PermitUserEnvironment yes # Allow setting DISPLAY for remote connections

I like including the Fedora version in the container in the port so that I can have multiple versions at the same time and don’t have to remove lines in ~/.ssh/known_hosts on container upgrades.

NB: Due to container limitations, interactive sessions won’t work.

Exit the toolbox. You can now run the server with a toolbox run sudo /usr/sbin/sshd. You can add this into your .bash_profile if you want it to run automatically.

Add this to your ~/.ssh/config:

Host toolbox-33
    HostName localhost
    Port 2233

And this to ~/.ssh/environment (this allows to starts Xorg apps from VS Code):

DISPLAY=:0

Inside VS Code, install the ‘Remote – SSH’ extension, initialise a connection and pick ‘toolbox-33’ as the host, and enjoy.

Bonus tip: Open your projects via /var/home/… instead of /home/… to avoid symlink bugs.