Fixing GHCR “Unauthorized” + Docker “Cannot perform interactive login from non-TTY” in GitHub Actions + SSH Deployments

查看原文 / View Original 编辑 / Edit

It appears the content you provided contains UI/system text from a GitHub interface rather than the actual technical article.

However, based on your title, I have drafted the bilingual content that addresses the technical issues you mentioned (GHCR “Unauthorized” and Docker non-TTY login errors).

Title: Fixing GHCR “Unauthorized” + Docker “Cannot perform interactive login from non-TTY” in GitHub Actions + SSH Deployments

标题:解决 GitHub Actions 与 SSH 部署中遇到的 GHCR “Unauthorized” 及 Docker “Cannot perform interactive login from non-TTY” 错误

When automating deployments via GitHub Actions, you may encounter authentication errors when pushing to or pulling from the GitHub Container Registry (GHCR), or “non-TTY” errors when running Docker commands over SSH. Here is how to resolve them.

在通过 GitHub Actions 进行自动化部署时,你可能会在向 GitHub Container Registry (GHCR) 推送或拉取镜像时遇到认证错误,或者在通过 SSH 执行 Docker 命令时遇到“non-TTY”错误。以下是解决方法。

1. Fixing GHCR “Unauthorized”

1. 解决 GHCR “Unauthorized” 错误

This error usually occurs because the GITHUB_TOKEN lacks the necessary permissions to access the package. Ensure your workflow has the correct permissions block defined.

此错误通常是因为 GITHUB_TOKEN 缺乏访问该软件包的必要权限。请确保你的工作流(Workflow)中定义了正确的 permissions 块。

permissions:
  packages: write
  contents: read

Additionally, ensure you are logging in using the correct registry URL: ghcr.io.

此外,请确保你使用的是正确的注册表地址进行登录:ghcr.io

2. Fixing “Cannot perform interactive login from non-TTY”

2. 解决 “Cannot perform interactive login from non-TTY” 错误

This error happens when you try to run docker login inside a non-interactive shell (like an SSH session or a CI runner). To fix this, use the --password-stdin flag to pass the token securely.

当你在非交互式 Shell(如 SSH 会话或 CI 运行器)中尝试运行 docker login 时,会出现此错误。要解决此问题,请使用 --password-stdin 参数以安全地传递令牌。

Incorrect: 错误做法: echo $CR_PAT | docker login ghcr.io -u USERNAME

Correct: 正确做法: echo $CR_PAT | docker login ghcr.io -u USERNAME --password-stdin

By piping the token into stdin, Docker avoids attempting to open an interactive TTY prompt, allowing the command to succeed in automated environments.

通过将令牌通过管道传输到 stdin,Docker 将不再尝试打开交互式 TTY 提示符,从而使命令能够在自动化环境中成功执行。

← 返回新闻列表 / Back to news list