config.json
路径: ~/.docker/config.json
config.json是用于存储docker registry的认证信息
文件内容格式如下
{
"auths": {
"harbor.xxx.com": {
"auth": "xxx"
}
}
}
auth后面的内容其实是你刚刚输入的用户名密码的加密后的输出
可以尝试加密解密测试
加密
# 对比一下登录harbor的用户名:密码 加密后是否和~/.docker/config.json中auth的值对应
echo -n "user:password" | base64
解密
# xxx为上面加密后的值
echo -n "xxx" | base64 -d
key.json
路径: /etc/docker/key.json
key.json文件是Docker在连接到其他TLS服务器(如注册表)时使用的Web格式的TLS连接的dockerd键.它在启动时由docker引擎自动生成。
# cat /etc/docker/key.json
{
"crv":"P-256",
"d":"-o-BHLQyZQDlPUvzOuAFPyoECBHMHApaJCTy2ProBdE",
"kid":"3ZXC:EHNN:OXY7:SWUD:DBAU:QHU5:PWOX:HDD3:SNQ7:HYQD:HYBI:HXZ4",
"kty":"EC","x":"CY2phVcW87xBejNSxnAAL2XU-r2vELa_246zaKgNZrU",
"y":"Ev-JgNcf7PsRXCB7nDW6iASUMOhojRj5SS45ywI6NHQ"
}
This is the dockerd key for TLS connections.
in web format, that docker uses when connecting to other TLS servers like registries.
It’s automatically generated by the docker engine on startup, so there’s no risk if deleted.
You should treat it as sensitive since TLS connections using an exposed key are not secure.