podman-login - Log in to a container registry


podman login [options] [registry]


podman login logs into a specified registry server with the correct username and password. If the registry is not specified, the first registry under [] from registries.conf is used. podman login reads in the username and password from STDIN. The username and password can also be set using the username and password flags. The path of the authentication file can be specified by the user by setting the authfile flag. The default path for reading and writing credentials is ${XDG_RUNTIME_DIR}/containers/auth.json. Podman uses existing credentials if the user does not pass in a username. Podman first searches for the username and password in the ${XDG_RUNTIME_DIR}/containers/auth.json, if they are not valid, Podman then uses any existing credentials found in $HOME/.docker/config.json. If those credentials are not present, Podman creates ${XDG_RUNTIME_DIR}/containers/auth.json (if the file does not exist) and then stores the username and password from STDIN as a base64 encoded string in it. For more details about format and configurations of the auth.json file, see containers-auth.json(5)


podman login [GLOBAL OPTIONS]




Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json on Linux, and $HOME/.config/containers/auth.json on Windows/macOS. The file is created by podman login. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login.

Note: There is also the option to override the default path of the authentication file by setting the REGISTRY_AUTH_FILE environment variable. This can be done with export REGISTRY_AUTH_FILE=path.


Use certificates at path (*.crt, *.cert, *.key) to connect to the registry. (Default: /etc/containers/certs.d) For details, see containers-certs.d(5). (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)


Instead of updating the default credentials file, update the one at path, and use a Docker-compatible format.


Return the logged-in user for the registry. Return error if no login is found.

--help, -h

Print usage statement

--password, -p=password

Password for registry


Take the password from stdin


Read the password for the registry from the podman secret name. If --username is not specified --username=name is used.


Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, TLS verification is used. If set to false, TLS verification is not used. If not specified, TLS verification is used unless the target registry is listed as an insecure registry in containers-registries.conf(5)

--username, -u=username

Username for registry

--verbose, -v

print detailed information about credential store


$ podman login
Username: umohnani
Login Succeeded!
$ podman login -u testuser -p testpassword localhost:5000
Login Succeeded!
$ podman login --authfile authdir/myauths.json
Username: umohnani
Login Succeeded!
$ echo -n MySecret! | podman secret create secretname -
$ podman login --secret secretname -u testuser
Login Succeeded!
$ podman login --tls-verify=false -u test -p test localhost:5000
Login Succeeded!
$ podman login --cert-dir /etc/containers/certs.d/ -u foo -p bar localhost:5000
Login Succeeded!
$ podman login -u testuser  --password-stdin < testpassword.txt
Login Succeeded!
$ echo $testpassword | podman login -u testuser --password-stdin
Login Succeeded!
$ podman login --verbose
Username: myusername
Used: /run/user/1000/containers/auth.json
Login Succeeded!


podman(1), podman-logout(1), containers-auth.json(5), containers-certs.d(5), containers-registries.conf(5), podman-secret(1), podman-secret-create(1)


August 2017, Originally compiled by Urvashi Mohnani