Skip to content
Latchkey

docker login Command Reference

Authenticate the Docker CLI to a registry.

docker login stores credentials for a registry so subsequent pull and push commands are authorized. The registry argument defaults to Docker Hub; pass a host for any other registry. In CI, feed the secret over stdin rather than as a -p argument.

Common flags

  • -u, --username - registry username
  • -p, --password - password (avoid in CI; visible in process list)
  • --password-stdin - read the password from stdin (safe for CI)
  • Positional registry host, e.g. ghcr.io (omit for Docker Hub)

Example

shell
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USER }}" --password-stdin
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin

In CI

Always use --password-stdin. Passing -p PASSWORD puts the secret in the process argument list and can leak into logs or ps output; the CLI warns about exactly this. Pipe the token in with echo or printf so it never appears as an argument.

Key takeaways

  • --password-stdin keeps the secret out of the process list and shell history.
  • The registry host argument is required for anything other than Docker Hub.
  • Login is per-registry; authenticate each registry you push to or pull from.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →