-
Notifications
You must be signed in to change notification settings - Fork 26
Docker: Encrypting credentials
Owen Parry edited this page Sep 1, 2021
·
1 revision
The following steps describe how to store credentials using pass with GnuPG on Debian-based linux distributions, such as Ubuntu. To see a list of the other credential stores supported by Docker, please see the official documentation.
- Install rng-tools
sudo apt-get install rng-tools -y
- Once the installation completes, generate the required entropy with
sudo rngd -r /dev/urandom
- Next, install the pass tool
sudo apt-get install pass -y
- Generate a new GPG key (accept all of the default options)
gpg --full-generate-key
One way to install docker-credentials pass is by running the script at
Deploy/scripts/install_docker-credentials-pass.sh
Alternatively, follow the 'Installation' instructions in the docker-credential-helpers documentation.
- Find the ID of your GPG key:
gpg --list-secret-keys
- Initialise pass with that ID
pass init ID_STRING
- Create a password:
pass insert docker-credential-helpers/docker-pass-initialized-check
- Create a docker config file, if one doesn't exist already
touch ~/.docker/config.json
- Add the following to the config file, then save and close.
{
"experimental": "enabled"
}
For some reason, the GPG_TTY environment variable needs to be set manually. Add the following to your ~/.bashrc:
export GPG_TTY=$(tty)
Then reload it with
source ~/.bashrc
Finally, to store credentials, login to a registry. e.g.:
docker login docker.cmclinnovations.com -u <user_name>
- Home
- FAQ
- How to contribute
- Development guidelines:
- Containerisation:
- Examples
- Handling data:
- Visualisations: