docker-credential-helpers
rage
docker-credential-helpers | rage | |
---|---|---|
2 | 36 | |
1,020 | 2,326 | |
1.1% | - | |
6.6 | 9.0 | |
27 days ago | 25 days ago | |
Go | Rust | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-credential-helpers
-
Clever uses of pass, the Unix password manager
Docker supports a credential-helper module[0], which supports 4 different backends for fetching the docker registry credentials: osxkeychain, pass, wincred, and secretservice.
pass lets you use GPG-smartcards, and many of those (such as Yubikeys) will let you enforce touch-policies for signing/encruption.
As a combination of both these however, I must touch my Yubikey every time I pull a new docker image.
Another cool use-case is that I use the terraform-pass-provider to save secrets for my personal terraform project.
[0]: https://github.com/docker/docker-credential-helpers
-
Running Docker on WSL2 the right way
# Finds the latest version $ wincred_version=$(curl -fsSL -o /dev/null -w "%{url_effective}" https://github.com/docker/docker-credential-helpers/releases/latest) # Downloads and extracts the .exe $ sudo curl -fL \ "https://github.com/docker/docker-credential-helpers/releases/download/${wincred_version}/docker-credential-wincred-${wincred_version}-$(dpkg --print-architecture).zip" | zcat | sudo tee /usr/local/bin/docker-credential-wincred.exe >/dev/null # Assigns execution permission to it $ sudo chmod +x /usr/local/bin/docker-credential-wincred.exe
rage
- Do any libraries exist for zero-trust file storage (storing client-encrypted data on the server without the key)?
-
JSON compression in the browser, with gzip and the Compression Streams API.
I have already built this into a small feature in my app, but I do plan to integrate it deeper and bake it into the core functionality soon. Which should be another interesting problem to solve as the app has integrated client-side encryption using Age (rage (rage-wasm)). But that's for another day...
-
Age: Modern file encryption format with multiple pluggable recipients
_o/ hi all, age author here!
The OP link is the spec, here's a few other things you might find interesting
- the Go reference implementation https://age-encryption.org
- the Go library docs https://pkg.go.dev/filippo.io/age
- the CLI man page https://filippo.io/age/age.1
- an interoperable Rust implementation by @str4d https://github.com/str4d/rage
- a YubiKey plugin by @str4d https://github.com/str4d/age-plugin-yubikey
- the draft plugin protocol specification (which we should really merge) https://github.com/C2SP/C2SP/pull/5/files?short_path=07bf8cc...
- a Windows GUI by @spieglt https://github.com/spieglt/winage
- a discussion of the authentication properties of age https://words.filippo.io/dispatches/age-authentication/
- a discussion of a potential post-quantum plugin https://words.filippo.io/dispatches/post-quantum-age/
- a password-store fork that uses age instead of gpg https://github.com/FiloSottile/passage (see also: how I use it with a YubiKey https://words.filippo.io/dispatches/passage/)
- rage: A simple, secure and modern encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
-
age.el: age encryption support for Emacs
I just added rage (https://github.com/str4d/rage) support, which does support pinentry, see https://github.com/anticomputer/age.el#known-issues for an example of how to use rage instead.
- Axcrypt -- or is there something better Reddit would recommend?
-
The PGP Problem (2019)
Really appreciate this article. It's a little snarky but it hits the mark and encourages people to try Age, which is a pretty awesome little tool.
https://age-encryption.org/v1
-
Ask HN: What does everyone use for encrypting their personal stuff?
I'm not convinced that whole-disk encryption is sensible for most threat models, but I use the built-in FileVault on macOS (under the reasoning that, at the very least, it can't really hurt).
On Linux, I use age[1] (specifically, rage[2]) to encrypt sensitive files. I wrote a secret manager that uses the latter as an encryption backend[3], and I use `rage-mount` to mount (read-only) views of encrypted archives.
[1]: https://github.com/FiloSottile/age
[2]: https://github.com/str4d/rage
[3]: https://github.com/woodruffw/kbs2
- Age – a simple, modern and secure file encryption tool, format, and Go library
- Tiny backup/encryption tool for CLI usage.
What are some alternatives?
switch
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
gopass - The slightly more awesome standard unix password manager for teams
PasswordPusher - 🔐 An application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed. Track who, what and when.
pass-tomb - A pass extension that helps you keep the whole tree of passwords encrypted inside a Tomb.
age-plugin-yubikey - YubiKey plugin for age
Docker Compose - Define and run multi-container applications with Docker
croc - Easily and securely send things from one computer to another :crocodile: :package:
kind - Kubernetes IN Docker - local clusters for testing Kubernetes
tarssh - A simple SSH tarpit inspired by endlessh
systemd - The systemd System and Service Manager
wormhole-gui - Cross-platform application for easy encrypted file, folder, and text sharing between devices. [Moved to: https://github.com/Jacalz/rymdport]