How are docker-machine certs used?

I’m starting to learn docker-machine and am unsure what to do about the keys/certs that are generated when issuing docker-machine create:

  • id_rsa
  • id_rsa.pub
  • userdata.tar

How are these keys/certs used by docker-machine and how should I use them? Can I commit them to the repo so others on my project can control the remote docker-machine?

Another behaviour that’s got me confused is:

If I remove the remote machine and create a second machine, docker-machine will ask me for a password:

    INFO[0000] Generating SSH Keypair…
    INFO[0000] Uploading Boot2docker ISO …
    INFO[0000] Uploading /home/username/.docker/machine/cache/boot2docker-1.5.0-GH747.iso to boot2docker-iso on datastore Local Datastore of vCenter 123.456.789.012…
    INFO[0006] Creating virtual machine MyMachineName of vCenter 123.456.789.012…
    INFO[0011] Configuring the virtual machine MyMachineName…
    INFO[0016] Powering on virtual machine MyMachineName of vCenter 123.456.789.012…
    docker@123.456.789.013’s password:

But once I delete the id_rsa, id_rsa.pub, and userdata.tar, docker-machine can create the machine just fine without needing to ask for the password.

I tried reading the documentation, and the only information I found was that the keys/certs can be regenerated using docker-machine regenerate-certs.

I’m pretty sure I’m just missing some sort of basic, common knowledge and that’s why nothing is documented about it.

Thanks!

This seems to touch on the same issue, but things still weren’t crystal clear after reading it:

Managing remote docker machines from multiple development machines
