Encrypt string (password) using bcrypt

 

 You can use verry simple method with httpasswd:

htpasswd will return encrypted password

htpasswd -bnBC 10 "" password | tr -d ':\n'

Simple User Authentication with Apache and MySQL

 

Whether you're a college professor wishing to grant students access to test results, or a research firm seeking to provide paying subscribers access to custom reports, you'll need to devise some way for your users to identify themselves in order to gain access to the restricted content. By identifying themselves, the users authenticate their identities. They often accomplish this authentication by providing a username and password, for which the college professor could provide the entire class with a single authentication combination. In other cases, however, you should grant a unique username and password to each subscriber.

In this article I'll show you how to implement both of these authentication approaches using nothing more than the Apache Web Server's native capabilities. The first approach can be implemented in mere minutes using a text file and a few command-line calls. The second approach is a tad more involved, requiring a bit of additional server configuration and a MySQL database, although you'll gain some additional flexibility along the way.

Before we begin, keep in mind that while you can indeed use these approaches to restrict access to a certain part of your website, they do not protect the transmission of the username and password from the client's computer to the server! Because the credentials are transmitted in plaintext, a savvy attacker could capture the information as it's passed over the network, thereby allowing the attacker to masquerade as an authorized user. To ensure maximum security, you should configure your server to use an SSL certificate, a task that although fairly easy to accomplish is out of the scope of this article.

Storing Credentials in a Text File

Apache has long supported a fairly simple authentication solution involving storing a username and password within a text file, which resides within the directory you'd like to protect. This text file is named .htpasswd, and its contents generally look like this:

jason:npvd3u9E86LaU susie:z4ETQllnrvvDk

You'll create this file and add user accounts to it using a command-line utility appropriately named htpasswd. To password-protect a particular directory within your website, navigate to that directory via the command line and execute the following command:

%>htpasswd -c .htpasswd jason 

This command accomplishes two important tasks: It creates the file and then creates a new user named jason. When you execute the command you'll be prompted to provide and confirm a password for user jason.

When your .htpasswd file and user are created, you're free to add other users by executing the same command but this time omitting the -c option and providing a different username. For instance, to add another user named susie you would execute the following command and again provide and confirm Susie's password:

%>htpasswd .htpasswd susie 

Creating the .htpasswd file isn't enough to protect the directory. You'll also need to modify Apache's configuration to recognize the .htpasswd file. Thankfully these configuration changes can be managed locally, meaning you won't need to modify Apache's httpd.conf file in order to effect these changes -- something that wouldn't be possible in most hosting environments. Instead, you'll use a file named .htaccess, which can be used to configure Apache on a per-directory basis. Although the .htaccess file can be used to perform many tasks, for the purposes of authentication you'll place it in the same directory as your .htpasswd file, adding the following lines to it:

AuthName "Restricted Content"
AuthType Basic
AuthUserFile /var/www/wjgilmore.com/members/.htpasswd
Require valid-user


When saved, navigating to the directory will cause Apache to verify whether the user has already provided valid credentials. If so, the user is granted access to the directory.

 

Using Apache's native .htpasswd capabilities, you can password-protect a directory in mere minutes. However, maintaining user accounts can be difficult, particularly in situations where account subscriptions are regularly created, ending, or renewed. A more flexible solution is managing the account credentials within a MySQL table and configuring Apache to compare the provided credentials against this repository. You can then create a Web-based interface to manage these accounts, or even simply manage them using a utility such as phpMyAdmin.

Begin by creating the table used to manage the account credentials. At a minimum, this table should contain columns for storing the account username and password. I'll call this table accounts:

CREATE TABLE accounts ( username VARCHAR(100) NOT NULL, password CHAR(32) NOT NULL, PRIMARY KEY(username) );

Apache's default behavior is to use DES for password encryption. However, you can also use MySQL's native password() function. I've opted to use the latter and so have adjusted the password column width so it can manage 41 characters, which is the size of a string encrypted using the password() function.

When the table has been created, add a few test accounts. As I mentioned previously you could use a utility such as phpMyAdmin to perform this task, but in any case the SQL query will look something like this:

INSERT INTO accounts VALUES('jason', password('secret')); 

With a few rows added, the accounts table will look like this:

+----------+-------------------------------------------+
| username | password |
+----------+-------------------------------------------+
| jason | *14E65567ABDB5135D0CFD9A70B3032C179A49EE7 |
| susie | *7C67218EF7410F248763DC99AEDC705367393C4A |
+----------+-------------------------------------------+



Next you'll need to configure Apache so it can communicate with the accounts table. This is done by installing the mod_auth_mysql module. If you're running Ubuntu or Debian, you simply execute the following command:

%>sudo apt-get install libapache2-mod-auth-mysql 

When mod_auth_mysql is installed, enable the module by executing the following command:

%>sudo a2enmod auth_mysql

Restart Apache, and make sure the module has been loaded by executing the following command:

%>apache2 -M

In the list of modules you should see auth_mysql_module. When configured, you can update your .htaccess file to refer to the accounts table by adding the following directives:

AuthBasicAuthoritative Off
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_Host localhost
AuthMySQL_User root
AuthMySQL_Password jason
AuthMySQL_DB developer
AuthMySQL_Password_Table accounts
AuthMySQL_Username_Field username
AuthMySQL_Password_Field password
AuthMySQL_Encryption_Types MySQL
Auth_MySQL_Scrambled_Passwords on

Save the file and attempt to access the restricted directory. This time Apache will talk to MySQL to determine whether you're allowed to enter!

 source

ffmpeg error: UDP timeout, retrying with TCP

In many cases I need to open a rtsp stream:

ffmpeg  -i rtsp://user:pass@X.X.X.X:554

but I have following error:

[rtsp @ 0x80670e000] UDP timeout, retrying with TCP
[rtsp @ 0x80670e000] method PAUSE failed: 551 Option not supported
[rtsp @ 0x80670e000] Could not find codec parameters for stream 0 (Video: h264, none): unspecified size
Consider increasing the value for the 'analyzeduration' and 'probesize' options
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, rtsp, from 'rtsp://stream:c0L3g!u2021@X.X.X.X:554':
  Metadata:
    title           : Media Presentation
  Duration: N/A, bitrate: 64 kb/s
    Stream #0:0: Video: h264, none, 90k tbr, 90k tbn, 180k tbc
    Stream #0:1: Audio: pcm_mulaw, 8000 Hz, mono, s16, 64 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (copy)
  Stream #0:1 -> #0:1 (pcm_mulaw (native) -> aac (native))
Press [q] to stop, [?] for help
[rtsp @ 0x80670e000] UDP timeout, retrying with TCP
[rtsp @ 0x80670e000] method PAUSE failed: 551 Option not supported
rtsp://stream:c0L3g!u2021@X.X.X.X:554: Operation not permitted
[aac @ 0x8066a5100] Too many bits 8832.000000 > 6144 per frame requested, clamping to max
[segment @ 0x80670f200] dimensions not set
Could not write header for output file #0 (incorrect codec parameters ?): Invalid argument

In this case stream is on TCP but ffmpeg try first time with UDP. The problem is the ffmpeg not open the stream in this conditions.

To force ffmpeg to try in TCP only we use -rtsp_transport option tcp.

In this case we will have:

ffmpeg -rtsp_transport tcp -i rtsp://user:pass@X.X.X.X:554

 

This parameter work for following error:

Invalid data found when processing input

Restreaming with ffmpeg

 

Re-stream sample.mp4

---

This example re-streams the sample.mp4 video.

Notes:

• The sample.mp4 file is about 10 minutes long. FFmpeg stops when streaming ends, so you may have to restart FFmpeg during configuration and testing. To loop your command to generate a constant test stream, preface the FFmpeg command with

FOR /L %% IN (0) DO

• To host FFmpeg on a computer other than the computer, change udp://127.0.0.1:10000 in the example to the IP address and any destination UDP port. Be sure that the specified UDP port is open on any routers or firewalls between the server hosting FFmpeg.
   

1. In a Terminal window, enter one of the following commands.

• For a low-bitrate, low-complexity, low-quality stream that can be played on most devices and systems:

ffmpeg -re -i "%WMSAPP_HOME%/content/sample.mp4" -pix_fmt yuv420p -vsync 1 -threads 0 -vcodec libx264 -r 30 -g 60 -sc_threshold 0 -b:v 512k -bufsize 640k -maxrate 640k -preset veryfast -profile:v baseline -tune film -acodec aac -b:a 128k -ac 2 -ar 48000 -af "aresample=async=1:min_hard_comp=0.100000:first_pts=0" -bsf:v h264_mp4toannexb -f mpegts udp://127.0.0.1:10000?pkt_size=1316

• For a higher-quality stream:

ffmpeg -re -i "%WMSAPP_HOME%/content/sample.mp4" -pix_fmt yuv420p -vsync 1 -threads 0 -vcodec libx264 -r 30 -g 60 -sc_threshold 0 -b:v 640k -bufsize 768k -maxrate 800k -preset veryfast -profile:v baseline -tune film -acodec aac -b:a 128k -ac 2 -ar 48000 -af "aresample=async=1:min_hard_comp=0.100000:first_pts=0" -bsf:v h264_mp4toannexb -f mpegts udp://127.0.0.1:10000?pkt_size=1316

2. Follow the instructions to set up a live application to re-stream the FFmpeg stream. When configuring the application and adding a stream file on the Stream Files page, use udp://127.0.0.1:10000 as the Stream URI.

Re-stream using passthrough

---

Content can also be re-streamed by passing the existing encode though FFmpeg without re-encoding. For passthrough re-streaming, use the -codec option and set it to copy. This example re-streams sample.mp4 as a passthrough instead of the full encode shown in the previous example.

ffmpeg -re -i "%WMSAPP_HOME%/content/sample.mp4" -codec copy -bsf:v h264_mp4toannexb -f mpegts udp://127.0.0.1:10000?pkt_size=1316

Re-stream RTSP with password authentication

---

This example re-streams sample.mp4 with user authentication, level 3.0 logging verbosity, a 24-fps frame rate, 2-second keyframe frequency, 310 kbps bitrate, and 44.1 kHz stereo audio.

ffmpeg -re -i "%WMSAPP_HOME%/content/sample.mp4" -pix_fmt yuv420p -vsync 1 -threads 0 -vcodec libx264 -r 30 -g 60 -sc_threshold 0 -b:v 640k -bufsize 768k -maxrate 800k -preset veryfast -profile:v baseline -tune film -acodec aac -b:a 128k -ac 2 -ar 48000 -af "aresample=async=1:min_hard_comp=0.100000:first_pts=0" -f rtsp rtsp://username:password@[server-address]:1935/live/myStream

Re-stream RTP with SDP

---

This example captures local hardware devices, uses a 15-fps frame rate, 8-bit color, and generates an SDP file that contains metadata about the streaming session.

ffmpeg -f dshow -s 640x480 -r 15 -i video="Logitech HD Pro Webcam C920" -f dshow -i audio="Microphone (HD Pro Webcam C920)" -pix_fmt yuv420p -vsync 1 -threads 0 -vcodec libx264 -r 15 -g 30 -sc_threshold 0 -b:v 640k -bufsize 768k -maxrate 800k -preset veryfast -profile:v baseline -tune film -an -f rtp rtp://127.0.0.1:10000 -acodec aac -b:a 128k -ac 2 -ar 48000 -af "aresample=async=1:min_hard_comp=0.100000:first_pts=0" -vn -f rtp rtp://127.0.0.1:10002 > 10000.sdp

Re-stream UDP-based MPEG-TS

---

1. In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -bsf:v h264_mp4toannexb -f mpegts udp://[<em>server-address</em>]:1234?pkt_size=1316

2. Follow the instructions to create a live application to broadcast the FFmpeg stream.

Re-stream TCP-based MPEG-TS

---

1. In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -bsf:v h264_mp4toannexb -f mpegts tcp://[<em>server-address</em>]:1234?listen

2. Follow the instructions to create a live application to broadcast the FFmpeg stream.

Re-stream UDP-based RTSP

---

1. In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -f rtsp rtsp://username:password@[server-address]:1935/live/myStream

2. Follow the instructions to connect your RTSP encoder  and create a live application to broadcast the FFmpeg stream.

Re-stream TCP-based RTSP

---

1. In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -rtsp_transport tcp -f rtsp rtsp://username:password@[server-address]:1935/live/myStream

2. Follow the instructions  to connect your RTSP encoder and create a live application to broadcast the FFmpeg stream.

Re-stream RTMP

---

1. In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -f flv rtmp://username:password@[server-address]:1935/live/myStream

2. Follow the instructions to connect your RTMP encoder and create a live application to broadcast the FFmpeg stream.

Re-stream to MP4

---

• In a Terminal window, enter:

ffmpeg -re -i inputfile.mp4 -codec copy -f mp4 output.mp4

source

Install Docker under Debian 10

Step 1 — Installing Docker

The Docker installation package available in the official Debian repository may not be the latest version. To ensure we get the latest version, we’ll install Docker from the official Docker repository. To do that, we’ll add a new package source, add the GPG key from Docker to ensure the downloads are valid, and then install the package.

First, update your existing list of packages:

sudo apt update

Next, install a few prerequisite packages which let apt use packages over HTTPS:

sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common

Then add the GPG key for the official Docker repository to your system:

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

Add the Docker repository to APT sources:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"

Next, update the package database with the Docker packages from the newly added repo:

sudo apt update

Make sure you are about to install from the Docker repo instead of the default Debian repo:

apt-cache policy docker-ce

You’ll see output like this, although the version number for Docker may be different:

Output of apt-cache policy docker-ce

ocker-ce:
  Installed: (none)
  Candidate: 5:18.09.7~3-0~debian-buster
  Version table:
     5:18.09.7~3-0~debian-buster 500
        500 https://download.docker.com/linux/debian buster/stable amd64 Packages

Notice that docker-ce is not installed, but the candidate for installation is from the Docker repository for Debian 10 (buster).

Finally, install Docker:

sudo apt install docker-ce

Docker is now installed, the daemon started, and the process enabled to start on boot. Check that it’s running:

sudo systemctl status docker

The output will be similar to the following, showing that the service is active and running:

Output
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2019-07-08 15:11:19 UTC; 58s ago
     Docs: https://docs.docker.com
 Main PID: 5709 (dockerd)
    Tasks: 8
   Memory: 31.6M
   CGroup: /system.slice/docker.service
           └─5709 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Installing Docker gives you not just the Docker service (daemon) but also the docker command line utility, or the Docker client. We’ll explore how to use the docker command later in this tutorial.

Step 2 — Executing the Docker Command Without Sudo (Optional)

By default, the docker command can only be run the root user or by a user in the docker group, which is automatically created during Docker’s installation process. If you attempt to run the docker command without prefixing it with sudo or without being in the docker group, you’ll get an output like this:

Output
docker: Cannot connect to the Docker daemon. Is the docker daemon running on this host?.
See 'docker run --help'.

If you want to avoid typing sudo whenever you run the docker command, add your username to the docker group:

sudo usermod -aG docker ${USER}

To apply the new group membership, log out of the server and back in, or type the following:

su - ${USER}

You will be prompted to enter your user’s password to continue.

Confirm that your user is now added to the docker group by typing:

id -nG

Output
sammy sudo docker

If you need to add a user to the docker group that you’re not logged in as, declare that username explicitly using:

sudo usermod -aG docker username

The rest of this article assumes you are running the docker command as a user in the docker group. If you choose not to, please prepend the commands with sudo.

Let’s explore the docker command next.

Step 3 — Using the Docker Command

Using docker consists of passing it a chain of options and commands followed by arguments. The syntax takes this form:

docker [option] [command] [arguments]

To view all available subcommands, type:

docker

As of Docker 18, the complete list of available subcommands includes:

Output
attach      Attach local standard input, output, and error streams to a running container
build       Build an image from a Dockerfile
commit      Create a new image from a container's changes
cp          Copy files/folders between a container and the local filesystem
create      Create a new container
diff        Inspect changes to files or directories on a container's filesystem
events      Get real time events from the server
exec        Run a command in a running container
export      Export a container's filesystem as a tar archive
history     Show the history of an image
images      List images
import      Import the contents from a tarball to create a filesystem image
info        Display system-wide information
inspect     Return low-level information on Docker objects
kill        Kill one or more running containers
load        Load an image from a tar archive or STDIN
login       Log in to a Docker registry
logout      Log out from a Docker registry
logs        Fetch the logs of a container
pause       Pause all processes within one or more containers
port        List port mappings or a specific mapping for the container
ps          List containers
pull        Pull an image or a repository from a registry
push        Push an image or a repository to a registry
rename      Rename a container
restart     Restart one or more containers
rm          Remove one or more containers
rmi         Remove one or more images
run         Run a command in a new container
save        Save one or more images to a tar archive (streamed to STDOUT by default)
search      Search the Docker Hub for images
start       Start one or more stopped containers
stats       Display a live stream of container(s) resource usage statistics
stop        Stop one or more running containers
tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top         Display the running processes of a container
unpause     Unpause all processes within one or more containers
update      Update configuration of one or more containers
version     Show the Docker version information
wait        Block until one or more containers stop, then print their exit codes

To view the options available to a specific command, type:

docker docker-subcommand --help

To view system-wide information about Docker, use:

docker info

Let’s explore some of these commands. We’ll start by working with images.

Step 4 — Working with Docker Images

Docker containers are built from Docker images. By default, Docker pulls these images from Docker Hub, a Docker registry managed by Docker, the company behind the Docker project. Anyone can host their Docker images on Docker Hub, so most applications and Linux distributions you’ll need will have images hosted there.

To check whether you can access and download images from Docker Hub, type:

docker run hello-world

The output will indicate that Docker in working correctly:

Output
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:41a65640635299bab090f783209c1e3a3f11934cf7756b09cb2f1e02147c6ed8
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.
...

Docker was initially unable to find the hello-world image locally, so it downloaded the image from Docker Hub, which is the default repository. Once the image downloaded, Docker created a container from the image and the application within the container executed, displaying the message.

You can search for images available on Docker Hub by using the docker command with the search subcommand. For example, to search for the Ubuntu image, type:

docker search ubuntu

The script will crawl Docker Hub and return a listing of all images whose name match the search string. In this case, the output will be similar to this:

Output
NAME                                                      DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
ubuntu                                                    Ubuntu is a Debian-based Linux operating sys…   9704                [OK]
dorowu/ubuntu-desktop-lxde-vnc                            Docker image to provide HTML5 VNC interface …   319                                     [OK]
rastasheep/ubuntu-sshd                                    Dockerized SSH service, built on top of offi…   224                                     [OK]
consol/ubuntu-xfce-vnc                                    Ubuntu container with "headless" VNC session…   183                                     [OK]
ubuntu-upstart                                            Upstart is an event-based replacement for th…   99                  [OK]
ansible/ubuntu14.04-ansible                               Ubuntu 14.04 LTS with ansible                   97                                      [OK]
neurodebian                                               NeuroDebian provides neuroscience research s…   57                  [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5      ubuntu-16-nginx-php-phpmyadmin-mysql-5          50                                      [OK]
ubuntu
...

In the OFFICIAL column, OK indicates an image built and supported by the company behind the project. Once you’ve identified the image that you would like to use, you can download it to your computer using the pull subcommand.

Execute the following command to download the official ubuntu image to your computer:

docker pull ubuntu

You’ll see the following output:

Output
Using default tag: latest
latest: Pulling from library/ubuntu
5b7339215d1d: Pull complete
14ca88e9f672: Pull complete
a31c3b1caad4: Pull complete
b054a26005b7: Pull complete
Digest: sha256:9b1702dcfe32c873a770a32cfd306dd7fc1c4fd134adfb783db68defc8894b3c
Status: Downloaded newer image for ubuntu:latest

After an image has been downloaded, you can then run a container using the downloaded image with the run subcommand. As you saw with the hello-world example, if an image has not been downloaded when docker is executed with the run subcommand, the Docker client will first download the image, then run a container using it.

To see the images that have been downloaded to your computer, type:

docker images

The output should look similar to the following:

Output
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ubuntu              latest              4c108a37151f        2 weeks ago         64.2MB
hello-world         latest              fce289e99eb9        6 months ago        1.84kB

As you’ll see later in this tutorial, images that you use to run containers can be modified and used to generate new images, which may then be uploaded (pushed is the technical term) to Docker Hub or other Docker registries.

Let’s look at how to run containers in more detail.

Step 5 — Running a Docker Container

The hello-world container you ran in the previous step is an example of a container that runs and exits after emitting a test message. Containers can be much more useful than that, and they can be interactive. After all, they are similar to virtual machines, only more resource-friendly.

As an example, let’s run a container using the latest image of Ubuntu. The combination of the -i and -t switches gives you interactive shell access into the container:

docker run -it ubuntu

Your command prompt should change to reflect the fact that you’re now working inside the container and should take this form:

Output
root@d9b100f2f636:/#

Note the container id in the command prompt. In this example, it is d9b100f2f636. You’ll need that container ID later to identify the container when you want to remove it.

Now you can run any command inside the container. For example, let’s update the package database inside the container. You don’t need to prefix any command with sudo, because you’re operating inside the container as the root user:

apt update

Then install any application in it. Let’s install Node.js:

apt install nodejs

This installs Node.js in the container from the official Ubuntu repository. When the installation finishes, verify that Node.js is installed:

node -v

You’ll see the version number displayed in your terminal:

Output
v8.10.0

Any changes you make inside the container only apply to that container.

To exit the container, type exit at the prompt.

Let’s look at managing the containers on our system next.

Step 6 — Managing Docker Containers

After using Docker for a while, you’ll have many active (running) and inactive containers on your computer. To view the active ones, use:

docker ps

You will see output similar to the following:

Output
CONTAINER ID        IMAGE               COMMAND             CREATED             

In this tutorial, you started two containers; one from the hello-world image and another from the ubuntu image. Both containers are no longer running, but they still exist on your system.

To view all containers — active and inactive, run docker ps with the -a switch:

docker ps -a

You’ll see output similar to this:

CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS                      PORTS               NAMES
d42d0bbfbd35        ubuntu              "/bin/bash"         About a minute ago   Exited (0) 20 seconds ago                       friendly_volhard
0740844d024c        hello-world         "/hello"            3 minutes ago        Exited (0) 3 minutes ago                        elegant_neumann

To view the latest container you created, pass it the -l switch:

docker ps -l

CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS                      PORTS               NAMES

d42d0bbfbd35        ubuntu              "/bin/bash"         About a minute ago   Exited (0) 34 seconds ago                       friendly_volhard

To start a stopped container, use docker start, followed by the container ID or the container’s name. Let’s start the Ubuntu-based container with the ID of d9b100f2f636:

docker start d42d0bbfbd35

The container will start, and you can use docker ps to see its status:

CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
d42d0bbfbd35        ubuntu              "/bin/bash"         About a minute ago   Up 8 seconds                            friendly_volhard

To stop a running container, use docker stop, followed by the container ID or name. This time, we’ll use the name that Docker assigned the container, which is friendly_volhard:

docker stop friendly_volhard

Once you’ve decided you no longer need a container anymore, remove it with the docker rm command, again using either the container ID or the name. Use the docker ps -a command to find the container ID or name for the container associated with the hello-world image and remove it.

docker rm elegant_neumann

You can start a new container and give it a name using the --name switch. You can also use the --rm switch to create a container that removes itself when it’s stopped. See the docker run help command for more information on these options and others.

Containers can be turned into images which you can use to build new containers. Let’s look at how that works.

Step 7 — Committing Changes in a Container to a Docker Image

When you start up a Docker image, you can create, modify, and delete files just like you can with a virtual machine. The changes that you make will only apply to that container. You can start and stop it, but once you destroy it with the docker rm command, the changes will be lost for good.

This section shows you how to save the state of a container as a new Docker image.

After installing Node.js inside the Ubuntu container, you now have a container running off an image, but the container is different from the image you used to create it. But you might want to reuse this Node.js container as the basis for new images later.

Then commit the changes to a new Docker image instance using the following command.

docker commit -m "What you did to the image" -a "Author Name" container_id repository/new_image_name

The -m switch is for the commit message that helps you and others know what changes you made, while -a is used to specify the author. The container_id is the one you noted earlier in the tutorial when you started the interactive Docker session. Unless you created additional repositories on Docker Hub, the repository is usually your Docker Hub username.

For example, for the user sammy, with the container ID of d9b100f2f636, the command would be:

docker commit -m "added Node.js" -a "sammy" d42d0bbfbd35 sammy/ubuntu-nodejs

When you commit an image, the new image is saved locally on your computer. Later in this tutorial, you’ll learn how to push an image to a Docker registry like Docker Hub so others can access it.

Listing the Docker images again will show the new image, as well as the old one that it was derived from:

docker images

You’ll see output like this:

Output
REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE
sammy/ubuntu-nodejs   latest              d441c62350b4        10 seconds ago      152MB
ubuntu                latest              4c108a37151f        2 weeks ago         64.2MB
hello-world           latest              fce289e99eb9        6 months ago        1.84kB

In this example, ubuntu-nodejs is the new image, which was derived from the existing ubuntu image from Docker Hub. The size difference reflects the changes that were made. And in this example, the change was that NodeJS was installed. So next time you need to run a container using Ubuntu with NodeJS pre-installed, you can just use the new image.

You can also build Images from a Dockerfile, which lets you automate the installation of software in a new image. However, that’s outside the scope of this tutorial.

Now let’s share the new image with others so they can create containers from it.

Step 8 — Pushing Docker Images to a Docker Repository

The next logical step after creating a new image from an existing image is to share it with a select few of your friends, the whole world on Docker Hub, or other Docker registry that you have access to. To push an image to Docker Hub or any other Docker registry, you must have an account there.

This section shows you how to push a Docker image to Docker Hub. To learn how to create your own private Docker registry, check out How To Set Up a Private Docker Registry on Ubuntu 14.04.

To push your image, first log into Docker Hub.

docker login -u docker-registry-username

You’ll be prompted to authenticate using your Docker Hub password. If you specified the correct password, authentication should succeed.

Note: If your Docker registry username is different from the local username you used to create the image, you will have to tag your image with your registry username. For the example given in the last step, you would type:

docker tag sammy/ubuntu-nodejs docker-registry-username/ubuntu-nodejs

Then you may push your own image using:

docker push docker-registry-username/docker-image-name

To push the ubuntu-nodejs image to the sammy repository, the command would be:

docker push sammy/ubuntu-nodejs

The process may take some time to complete as it uploads the images, but when completed, the output will look like this:

Output
The push refers to a repository [docker.io/sammy/ubuntu-nodejs]
e3fbbfb44187: Pushed
5f70bf18a086: Pushed
a3b5c80a4eba: Pushed
7f18b442972b: Pushed
3ce512daaf78: Pushed
7aae4540b42d: Pushed

...

To enter in container you can run: docker exec -it  /bin/bash

source