Why docker login command saves unencrypted password on my computer?

docker docker-machine
user606521 picture user606521 · Aug 12, 2015 · Viewed 8k times · Source

I've used docker login command and passed my credentials and I got warning WARNING: login credentials saved in /Users/{my_username}/.docker/config.json. I've checked that file and indeed my password is there unencrypted (base64 encoded only).

Why docker saved my password unencrypted? Shouldn't it save it in my key-chain (I am on Mac OS) or instead of saving password just generate some access token or something like that?

Answer

Adrian Mouat picture Adrian Mouat · Aug 12, 2015

There is a lot of discussion about this:

https://github.com/docker/docker/issues/10318

It will get fixed eventually, although it's not yet clear how. In particular, note this comment:

To sum this:

  • sure, things need to be fixed
  • there is an open effort in doing that (#distribution), and people are certainly welcome to join if they want - either way, the issue here is definitely something being worked on
  • we should aim for the right solution - not just "any solution as fast as possible" - this will take time and energy, but I'm confident we will get there

Related questions

How to clear the logs properly for a Docker container?

I use docker logs [container-name] to see the logs of a specific container. Is there an elegant way to clear these logs?

Read More
How do I run a docker instance from a DockerFile?

I finally figured out how to get docker up and running. docker run --name my-forum-nodebb --link my-forum-redis:redis -p 80:80 -p 443:443 -p 4567:4567 -P -t -i nodebb/docker:ubuntu I linked it to a redis instance, cool. This is from scratch and …

Read More
Command for restarting all running docker containers?

How to restart all running docker containers? Mainly looking for a shortcut instead of doing docker restart containerid1 containerid2

Read More