Snapcraft’s login credentials can be exported and subsequently used on a system where login is not possible or desired, such as on a system that’s offline. For cases when the system does not have a functioning or compatible keyring, Snapcraft will fall back to a file based backend.
To export snapcraft’s login credentials, use the export-login
command with the name of a file to store the credentials. On any system where Snapcraft is supported, run:
snapcraft export-login <credentials-filename>
You will be asked for your email, password and second-factor authentication.
Credentials exported with Snapcraft 7 can only be used with Snapcraft 7 or greater
Previously exported credentials can be used to authenticate Snapcraft with an environment variable, or on older versions of Snapcraft, by using login --with
and an external file.
On the system you wish to use previously exported credentials, the contents of the credentials file needs to be placed into an environment variable called SNAPCRAFT_STORE_CREDENTIALS
. This can be accomplished in many ways, but the following is a good solution:
export SNAPCRAFT_STORE_CREDENTIALS=$(cat <credentials-filename>)
Use snapcraft whoami
to verify login credentials are working:
$ snapcraft whoami
email: <account-email>
username: <account-name>
id: <account-id>
permissions: package_access, package_manage, package_metrics,
package_push, package_register, package_release, package_update
channels: no restrictions
expires: 2023-06-15T14:49:49.000Z
On systems where you wish to remain logged in, snapcraft login
can be used. Snapcraft will attempt to use the system keyring. If no keyrings are installed or initialized, Snapcraft will fall back to file-based credential storage. The file-based storage is managed by Snapcraft. If you wish to import/export credentials, see the snapcraft export-login
sections instead.
Note that snapcraft login
sometimes fails to unlock gnome-keyring
. This can occur when accessing a Linux system with a desktop environment from a virtual console or ssh. gnome-keyring
will not present a cli password prompt to unlock the keyring, causing Snapcraft to hang and timeout.
Only supported for the migration from Snapcraft 6 to 7 when using credentials generated with Snapcraft 6
In addition to what is described in Using exported snapcraft credentials, the snapcraft login
command accepts an additional --with
argument to reference a login credentials file.
snapcraft login --with <credentials-filename>
Not required from Snapcraft 7.5.4 and onwards, Snapcraft will fallback to a file based backend in the absence of a working system keyring.
A Linux desktop will typically include an integrated keyring utility to store and retrieve passwords. This process can also be made to work on a headless system with no display connected or accessible desktop.
First, make sure gnome-keyring
is installed:
apt install gnome-keyring
Now start a dbus session:
dbus-run-session -- sh
To unlock the keyring from the command-line, run the following. You will be asked to enter a passphrase, type ctrl+d when done:
gnome-keyring-daemon --unlock
Now you can login as usual:
snapcraft login
Last updated 5 months ago.