Docker: setting up a secure credential store



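# Setting up a secure credential store

- rng-tools is a set of utilities related to random number generation in the kernel.

- The main program is rngd, a daemon that checks hardware devices for random data and feeds it into the kernel entropy pool.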

apt-get install rng-tools -y

yum -y install rng-tools

- Generate the required entropy with the command:

rngd -r /dev/urandom

- Install the _pass_ tool

yum -y install  libXdmcp libXfont2  xorg-x11-drv-libinput  xorg-x11-server-common  pinentry pass

apt-get install pass -y

- Generate a new GPG key

gpg --full-generate-key

----

gpg: /root/.gnupg/trustdb.gpg: trustdb created

gpg: key 67EA4821C644979D marked as ultimately trusted

gpg: directory '/root/.gnupg/openpgp-revocs.d' created

gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/F04EA7AF6CF4DD1D7733063367EA4821C644979D.rev'

----

https://github.com/docker/docker-credential-helpers/releases

mkdir -p ~/bin

cd ~/bin

echo 'export PATH=$PATH:~/bin' >> ~/.bashrc

wget https://github.com/docker/docker-credential-helpers/releases/download/v0.7.0/docker-credential-pass-v0.7.0.linux-amd64  

mv  docker-credential-pass-v0.7.0.linux-amd64    docker-credential-pass

chmod a+x docker-credential-pass

cp docker-credential-pass /usr/local/bin

- Log out of and back in to the Docker server:

docker logout

docker login hub.htmltoo.com:5000 -u ihunter -p wdq54321

cd /root/bin/

- Find the GPG ID associated with the credential store

gpg --list-secret-keys

<<

/root/.gnupg/pubring.kbx

------------------------

sec   rsa3072 2023-03-18 [SC]

      F04EA7AF6CF4DD1D7733063367EA4821C644979D

uid           [ultimate] ihunter (htmltoo) <ihunter@vip.qq.com>

ssb   rsa3072 2023-03-18 [E]

>>

gpg --fingerprint [your_email_set_during_key_creation]

==

- Initialize the pass tool

pass init [your_gpg_id_string_in_hex_format]

pass init  F04EA7AF6CF4DD1D7733063367EA4821C644979D

- Create the credential store password with the command:

pass insert docker-credential-helpers/docker-pass-initialized-check


vim ~/.docker/config.json

{
  "credsStore": "pass"
}

- Log in to Docker

docker login hub.htmltoo.com:5000 -u ihunter 

- Check whether the WARNING message has disappeared
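
A check to go with the last step, as an added example that is not part of the original post: the script inspects a Docker client config for leftover inline base64 credentials and confirms that credsStore names the pass helper. The function names, return codes and sample configs are assumptions made up for the illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): audit a Docker client config.
# Return codes: 0 = helper configured, no inline secrets
#               1 = credsStore is missing or names another helper
#               2 = base64 "auth" values are still stored in the file
audit_docker_config() {
    local cfg="$1" want="${2:-pass}"
    [ -r "$cfg" ] || { echo "cannot read $cfg"; return 1; }
    # Without a helper, docker login writes "auth": "<base64 of user:password>".
    if grep -Eq '"auth"[[:space:]]*:[[:space:]]*"[A-Za-z0-9+/=]+"' "$cfg"; then
        echo "$cfg: inline base64 credentials present"
        return 2
    fi
    if ! grep -Eq "\"credsStore\"[[:space:]]*:[[:space:]]*\"$want\"" "$cfg"; then
        echo "$cfg: credsStore is not \"$want\""
        return 1
    fi
    echo "$cfg: ok, credentials delegated to docker-credential-$want"
}

# Docker resolves credsStore "pass" to a binary named docker-credential-pass on PATH.
helper_installed() { command -v "docker-credential-$1" >/dev/null 2>&1; }

# Constructed sample configs (registry name and credential are made up).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/before.json" <<'EOF'
{
  "auths": {
    "registry.example.test:5000": { "auth": "ZGVtbzpub3QtYS1yZWFsLXBhc3N3b3Jk" }
  }
}
EOF
cat > "$demo/after.json" <<'EOF'
{
  "auths": { "registry.example.test:5000": {} },
  "credsStore": "pass"
}
EOF

for f in before after; do
    audit_docker_config "$demo/$f.json" || echo "  -> needs attention (rc=$?)"
done
helper_installed pass || echo "note: docker-credential-pass is not on PATH"
```

On a real host, run `audit_docker_config ~/.docker/config.json` after the final login.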

