docker-credential-helpers
yubitouch
docker-credential-helpers | yubitouch | |
---|---|---|
2 | 1 | |
1,020 | 155 | |
1.1% | - | |
6.6 | 0.0 | |
27 days ago | about 3 years ago | |
Go | Shell | |
MIT License | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-credential-helpers
-
Clever uses of pass, the Unix password manager
Docker supports a credential-helper module[0], which supports 4 different backends for fetching the docker registry credentials: osxkeychain, pass, wincred, and secretservice.
pass lets you use GPG-smartcards, and many of those (such as Yubikeys) will let you enforce touch-policies for signing/encruption.
As a combination of both these however, I must touch my Yubikey every time I pull a new docker image.
Another cool use-case is that I use the terraform-pass-provider to save secrets for my personal terraform project.
[0]: https://github.com/docker/docker-credential-helpers
-
Running Docker on WSL2 the right way
# Finds the latest version $ wincred_version=$(curl -fsSL -o /dev/null -w "%{url_effective}" https://github.com/docker/docker-credential-helpers/releases/latest) # Downloads and extracts the .exe $ sudo curl -fL \ "https://github.com/docker/docker-credential-helpers/releases/download/${wincred_version}/docker-credential-wincred-${wincred_version}-$(dpkg --print-architecture).zip" | zcat | sudo tee /usr/local/bin/docker-credential-wincred.exe >/dev/null # Assigns execution permission to it $ sudo chmod +x /usr/local/bin/docker-credential-wincred.exe
yubitouch
-
Clever uses of pass, the Unix password manager
Here's a script that will set that mode, in case you'd like to use it. It prevents someone/malware from being able to use your key after you've unlocked it. For example if you hacked my computer and tried to use it to ssh to another machine you'd be unable because you'd need me to tap the key.
I'd suggest trying 'on' before 'fix', but then switching to 'fix' for the extra security it provides.
https://github.com/a-dma/yubitouch
What are some alternatives?
switch
gopass - The slightly more awesome standard unix password manager for teams
pass-coffin - A password store extension to hide data inside a signed and encrypted coffin
pass-tomb - A pass extension that helps you keep the whole tree of passwords encrypted inside a Tomb.
lastpass-cli - LastPass command line interface tool
Docker Compose - Define and run multi-container applications with Docker
hunter2 - The "hunter2" password manager is a simple script-oriented password manager.
kind - Kubernetes IN Docker - local clusters for testing Kubernetes
systemd - The systemd System and Service Manager
pass-import - A pass extension for importing data from most existing password managers