获取Docker public key.json文件
[英]Obtaining Docker public key.json file
问题描述
I see a /etc/docker/key.json on Fedora 23 machine. 
我在Fedora 23机器上看到一个/etc/docker/key.json 。 This file seems like a private key for authentication 该文件似乎是用于身份验证的私钥
At what time is it generated ( its not present in output of rpmls docker ), and how do I obtain a corresponding public key? 它在什么时间生成(它不存在于rpmls docker输出中),我如何获得相应的公钥?
My usecase is to enable a non-root user to run docker ps command without sudo ie by the use of public/private keys. 我的用例是允许非root用户在不使用sudo情况下运行docker ps命令,即通过使用公钥/私钥。
What should I do? 我该怎么办?
1 个解决方案
解决方案1
0 2016-03-09 17:13:37
You don't care about the key.json file, at least as far as I understand your question. 至少就我所知,您并不关心key.json文件。
If you want to enable unprivileged users to connect to your Docker daemon using certificates for authentication, you will first need to enable a listening HTTP socket (either binding to localhost or to a public address if you to provide access to the daemon from somewhere other than the docker host), and then you will need to configure appropriate SSL certificates as described in the documentation . 如果要允许非特权用户使用证书进行身份验证连接到Docker守护程序,则首先需要启用侦听HTTP套接字(如果要提供从除其他地方之外的其他位置访问守护程序的权限,请绑定到localhost或公共地址docker主机),然后您需要按照文档中的说明配置适当的SSL证书。
You can also provide access to Docker by managing the permissions on the Docker socket (typically /var/run/docker.sock ). 您还可以通过管理Docker套接字上的权限(通常是/var/run/docker.sock )来提供对Docker的访问。
Note that giving someone access to docker is equivalent to giving them root access (because they can always run docker run -v /etc:/hostetc ... and then edit your sudoers configuration or passwd and shadow files, etc. 请注意,授予某人访问docker run -v /etc:/hostetc ...权限等同于授予他们root访问权限(因为他们始终可以docker run -v /etc:/hostetc ...然后编辑您的sudoers配置或passwd和shadow文件等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.