Docker: What is the simplest way to secure a private registry


Our Docker images ship closed sources, we need to store them somewhere safe, using own private docker registry.
We search the simplest way to deploy a private docker registry with a simple authentication layer.

I found :

I think use shipyard/docker-private-registry, but is there one another best way?

Best Solution

I'm still learning how to run and use Docker, consider this an idea:

# Run the registry on the server, allow only localhost connection
docker run -p registry

# On the client, setup ssh tunneling
ssh -N -L 5000:localhost:5000 user@server

The registry is then accessible at localhost:5000, authentication is done through ssh that you probably already know and use.