as we all know, the username and password are encoded by base64 and stored in config.json.
How to keep it safe especially when we need to distribute it.
I know there is one solution that is by credential-helper, GPG2 and “pass” in Linux. using the command “pass show docker-credential-helpers/docker-pass-initialized-check” and type the password of GPG2, the password can be fetched.
However, I want to grant another people to docker pull from the registry, and do not want to tell him the password. It seems that I have to tell him the password first, according to the solution above, and the encrypted file .password-store/docker-credential-helpers/docker-pass-initialized-check.gpg cannot be used directly.
Did I missunderstand anything ?
I want to find a way just like copy some encrypt file to someone, then he could login and pull.