Pulling private images results in an unauthorized error

I am unable to pull any images from private repositories that I own from the GHCR.

I have tried the following using a PAT with the write:packages, repo, and delete:packages scopes

echo '<my_token>' | docker login -u <my_username> --password-stdin | docker pull ghcr.io/<my_username>/<my_private_repo>:latest

which gives:

Error response from daemon: Get "https://ghcr.io/v2/": denied: denied
Error response from daemon: Head "https://ghcr.io/v2/<my_username>/<my_repo>/manifests/latest": unauthorized

On doing

echo '<my_token>' | docker login -u <my_username> --password-stdin

I get

Login successful

But, when I try immediately after to pull the image using

docker pull ghcr.io/<my_username>/<my_repo>

I get

Error response from daemon: Head "https://ghcr.io/v2/<my_username>/<my_repo>/manifests/latest": unauthorized

The image pulls fine when the repo is private, but the image is made public. I would like to avoid making the package public.

I think this might have something to do with the scopes of my token, or probably this is by design,
since I cannot find a clear reference in the docs about access control for private packages not attached to organisations.

Any help would be appreciated.



I have a PAT token with repo, workflow, write:packages because I use it in github actions and also having both private repo + private packages. Works fine.
Both private repo + image are part of an organization.

You may need to check the access for your package; E.g. Inherit access from source repository

The user must be in the repo at least with role read.
docker pull ghcr.io//:latest

As I have mentioned, this repository is not attached to an organisation. It is a private repository on my personal account. As you said, this works fine with packages linked to organisations.

I want to add I’m having this same problem with organization packages and cannot seem to make it work. Further, I tried going to the organization link provided above and it’s simply a 404.

Found the link:

it can be found in repo->packages->{package name}->package settings

My issue persists despite it inheriting the permissions. Digging further.

I can confirm after a couple logins, not sure why, via docker login it worked.