0

I want to use the pass credential store for DockerHub login. Therefore, following mainly this link

  1. I installed pass (apt install pass)
  2. I installed docker-credential-pass, but following the instruction 4 to 7 under How to set up credential storage in this other link
  3. I modified the ~/.docker/config.json file adding the key-value pair "credsStore": "pass"
  4. Since I have a GPG ID, which I can see by means of the instruction gpg --list-secret-keys or also gpg -K (in the row next to uid I see [ultimate] MY_NAME <MY_EMAIL>), and which I use often to encrypt and decrypt some files, following again the second link or also the point 2 in this one, I did pass init MY_EMAIL. Here I got
mkdir: created directory '/home/user/.password-store/'
Password store initialized for MY_EMAIL

So, it seems that all goes right until here, but then, when I try either docker login or pass insert docker-credential-helpers/docker-pass-initialized-check I get

gpg: error retrieving 'MY_EMAIL' via WKD: No data
gpg: MY_EMAIL: skipped: No data
gpg: [stdin]: encryption failed: No data
Password encryption aborted.

However, as I said before, I use often gpg --output out_file.gpg --encrypt --recipient MY_EMAIL input_file without any problem.

Further, the solution in gpg: error retrieving 'me@example.com' via WKD does not seem suitable to my issue, since when I look for my key with the gpg commands I mentioned above, I can see expires: 2023-07-20].

So, which is now the problem and what can I do? I work on Debian 11.

Maybe the issue is related to the next claim under https://github.com/docker/docker-credential-helpers:

`pass` needs to be configured for `docker-credential-pass` to work properly. It must be initialized with a `gpg2` key ID. Make sure your GPG key exists is in `gpg2` keyring as `pass` uses `gpg2` instead of the regular `gpg`.

What should I do if this is the problem?

I have also tried doing pass init ID instead of pass init MY_EMAIL getting the ID from gpg2 --list-secret-keys --keyid-format=long and the line sec rsa3072/ID date ..., getting a problem such as in here, but the solutions given there do not work too.

Thanks in advance!

iago
  • 135

1 Answers1

1

Solved!

The issue was that "my" old GPG ID belonged to my root user, so I needed to generate a key with my non-root user

iago
  • 135