diff --git a/haini.sh b/haini.sh
index 92aa8d9..6653eb9 100755
--- a/haini.sh
+++ b/haini.sh
@@ -8,6 +8,7 @@ uname -m | grep -q x86_64 || exit 1
 DIR="$(dirname "$(realpath "$0")")"
 ROOT="$(dirname "$DIR")"
 SELF="$(basename "$0")"
+SSH_ADHOC=false
 
 # Sólo se puede correr desde el directorio de Sutty
 if test "$ROOT" != "$(dirname "$PWD")" && test "$ROOT" != "$PWD"; then
@@ -40,26 +41,35 @@ ENTORNO=${ENTORNO:-${ROOT}/hain}
 correr() {
   echo "> $1" >&2
 
+  if test "$AS_ROOT"; then
+    SET_UID=0
+    SET_GID=0
+  else
+    SET_UID="$(id -u)"
+    SET_GID="$(id -g)"
+  fi
+
   env -i \
     TERM="$TERM" \
-    USER="$USER" \
+    USER="suttier" \
     HOME="/home/suttier" \
     HAIN_ENV=true \
     RAILS_ENV="${RAILS_ENV:-development}" \
     JEKYLL_ENV="${JEKYLL_ENV:-development}" \
     EDITOR="nano" \
     PAGER="less -niSFX" \
+    SSH_AUTH_SOCK="${SSH_AUTH_SOCK}" \
     bwrap \
     --die-with-parent \
-    --unshare-user-try \
+    --unshare-user \
+    --uid "$SET_UID" \
+    --gid "$SET_GID" \
     --unshare-ipc \
     --unshare-uts \
     --unshare-cgroup-try \
     --bind "$ENTORNO" / \
     --bind "$ROOT" /Sutty \
     --ro-bind /etc/hosts /etc/hosts \
-    --ro-bind /etc/passwd /etc/passwd \
-    --ro-bind /etc/group /etc/group \
     --ro-bind /etc/resolv.conf /etc/resolv.conf \
     --ro-bind /etc/localtime /etc/localtime \
     --dev-bind /dev /dev \
@@ -169,6 +179,22 @@ crear_entorno() {
     && mv "$ENTORNO$HOME" "$ENTORNO/home/suttier"
   mkdir -p "$ENTORNO/home/suttier"
 
+  if ! grep ^suttier: "$ENTORNO/etc/group" >/dev/null 2>&1 ; then
+    AS_ROOT=true correr "addgroup \
+      -g $(id -g) \
+      suttier"
+  fi
+  if ! correr "id suttier" >/dev/null 2>&1 ; then
+    AS_ROOT=true correr "adduser \
+      --disabled-password \
+      --gecos '' \
+      --home /home/suttier \
+      --no-create-home \
+      --uid $(id -u) \
+      --ingroup suttier \
+      suttier"
+  fi
+
   # Configurar rubygems para que descargue las gemas desde Sutty
   install -m 640 "$DIR/.gemrc" "$ENTORNO/home/suttier/.gemrc"
 
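Review bot: `SSH_AUTH_SOCK` is passed through `env -i`, but none of the bwrap arguments visible in this hunk bind the socket into the sandbox, and `--bind "$ENTORNO" /` replaces the host root, so the host's agent socket path does not exist inside unless the rest of the bwrap command (which continues past the hunk, as does `correr`) mounts it; if it does not, add `${SSH_AUTH_SOCK:+--bind "$SSH_AUTH_SOCK" "$SSH_AUTH_SOCK"} \` next to the other binds. However the socket gets in, forwarding the user's agent gives every process in the sandbox signing access to all keys the agent holds, which deserves a comment such as `# SSH_AUTH_SOCK: anything running in the sandbox can use the agent's keys`. The `--unshare-user --uid 0 --gid 0` pair selected by AS_ROOT is root only inside the new user namespace (it still maps to the invoking host user), also worth a comment since the variable name suggests more. As style, `SET_UID` and `SET_GID` are assigned as globals from inside the function; `local SET_UID SET_GID` (or computing them inline) keeps them out of the caller's scope.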
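Review bot: `AS_ROOT=true correr "addgroup …"` relies on the assignment being scoped to that one function call, but POSIX leaves this unspecified for shell functions and bash in POSIX mode (e.g. when invoked as `sh`) keeps the assignment after the function returns, so depending on the shebang (outside the hunk) every later `correr`, including the user's interactive session started at the end of the script, would run with `--uid 0`. Make the scope explicit, e.g. `( AS_ROOT=true; correr "addgroup -g $(id -g) suttier" )`, or pass it as an argument. The exit status of `addgroup`/`adduser` is also never checked, so a uid or gid collision with an entry already present in `$ENTORNO/etc/passwd` or `$ENTORNO/etc/group` silently leaves the sandbox without the `suttier` account the rest of this commit assumes; append `|| exit 1` to both calls. `crear_entorno` begins and ends outside this hunk.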
@@ -180,6 +206,10 @@ crear_entorno() {
     install -m 755 "$script" "$ENTORNO/usr/local/bin/${script##*/}"
   done
 
+  # Configurar SSH
+  install -m 700 -d "$ENTORNO/home/suttier/.ssh"
+  install -m 644 "$DIR/ssh/known_hosts" "$ENTORNO/home/suttier/.ssh/known_hosts"
+
   test -f "$ENTORNO/etc/ssl/certs/sutty.local.crt" || generar_certificado
   test -f "$ENTORNO/usr/local/share/ca-certificates/ca-sutty.crt" || mv "$ENTORNO/etc/ssl/certs/ca-sutty.crt" "$ENTORNO/usr/local/share/ca-certificates/ca-sutty.crt"
 }
@@ -203,6 +233,20 @@ esac
 if test "$HAIN_ENV"; then
   ${*:-$DEFAULT}
 else
+  if test -z "${SSH_AUTH_SOCK}"; then
+    if ! type ssh-agent >/dev/null 2>&1 ; then
+      echo "Instala ssh-agent para poder trabajar con git remoto dentro de haini.sh" >&2
+    else
+      SSH_ADHOC=true
+
+      echo "Iniciando un ssh-agent temporal." >&2
+      eval "$(ssh-agent)"
+      ssh-add
+    fi
+  fi
+
   crear_entorno
   stdin=/dev/stdin correr "${*:-$DEFAULT}"
+
+  ${SSH_ADHOC} && ssh-agent -k
 fi
diff --git a/packages b/packages
index 1410d44..bf8fc39 100644
--- a/packages
+++ b/packages
@@ -14,6 +14,7 @@ nano-syntax
 ncurses-terminfo
 nginx
 nodejs
+openssh-client
 openssl
 postgresql
 postgresql-contrib
diff --git a/ssh/known_hosts b/ssh/known_hosts
new file mode 100644
index 0000000..21f5b80
--- /dev/null
+++ b/ssh/known_hosts
@@ -0,0 +1,3 @@
+0xacab.org,198.252.153.239 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdh69MJNIA4hZNdplalK1BOD4QZEKn8msMwsEzA7nrr
+athshe.sutty.nl,172.96.172.58 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIDqJl9IW6WXAxrtZXMzvMnIpTjIZB+Tp+dDUpSaOrqdjqdMVjHVQSFnVh0MLHbvdjKKtxaKDAuT3JXGrSp8wyA=
+anarres.sutty.nl,54.39.161.205 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGw9aXovdiR44WzGfaitjlGiAO7I5OP/XgxFEc+t6HWeS0oqIVaEo17y7j29hLZbTRpN8vWoGSMa+UtquQZ6JG8=
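Review bot: `install -m 644 "$DIR/ssh/known_hosts" "$ENTORNO/home/suttier/.ssh/known_hosts"` runs on every invocation (`crear_entorno` is called unconditionally before `correr` in the last hunk), so any host key the user accepted interactively inside the sandbox is discarded the next time haini.sh starts. Installing the pinned keys as the system-wide file instead, `install -m 644 "$DIR/ssh/known_hosts" "$ENTORNO/etc/ssh/ssh_known_hosts"` (ssh consults it by default alongside the per-user file, assuming the openssh-client package creates `/etc/ssh`), keeps the repository's pins authoritative while leaving `~/.ssh/known_hosts` to the user. Whichever location is kept, a comment such as `# Host keys pinned from the repository (ssh/known_hosts); overwritten on every run` makes the overwrite read as intended. `crear_entorno` continues outside the hunk.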
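Review bot: the ad-hoc agent is killed only when `stdin=/dev/stdin correr …` returns normally, so an earlier exit (a failing step in `crear_entorno`, or Ctrl-C) leaves an `ssh-agent` process running with the user's keys loaded; register the cleanup right after `eval "$(ssh-agent)"` with `trap 'ssh-agent -k >/dev/null 2>&1' EXIT` and drop the `${SSH_ADHOC} && ssh-agent -k` line. `ssh-add` with no arguments loads every default identity under `~/.ssh`, and that agent is then forwarded into a sandbox that runs third-party gems and node packages; a lifetime (`ssh-add -t 4h`) or per-use confirmation (`ssh-add -c`, where an askpass program is available) bounds what a compromised sandbox can sign with. The result of `ssh-add` is not checked either, so a user with no keys ends up with an empty agent and a less obvious failure later from git. As style, `${SSH_ADHOC} && …` executes the variable's value as a command, which works for `true`/`false` but reads more clearly as `if $SSH_ADHOC; then`.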
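Review bot: nothing in this file records where the three host keys came from or how they were checked, yet every clone now trusts them unconditionally, so a reader cannot distinguish a verified pin from a key copied out of a first-connection prompt. known_hosts accepts `#` comment lines, so add one per host naming the out-of-band source and date of verification, e.g. `# 0xacab.org: fingerprint verified against <source> on <date>`. If a key is later rotated, that comment also tells the next maintainer what to re-check before replacing the line.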