-
Bug
-
Resolution: Fixed
-
Critical
-
None
When running a parameterized build of type Execute shell script on remote host using ssh, it logs in the console output all the parameters that are used in the script with their values. This is a problem with Password Parameter types, they should be hidden. This is a serious security issue, passwords must never be logged anywhere.
- is related to
-
JENKINS-23135 Option to disable echo of SSH command
-
- Open
-
[JENKINS-24913] SSH Plugin displays password parameter values unencrypted in log
Pietro Descombes
created issue -
Pietro Descombes
made changes -
| Link | New: This issue is related to JENKINS-23135 [ JENKINS-23135 ] |
Pietro Descombes
made changes -
| Attachment | New: shell-script.png [ 27706 ] | |
| Attachment | New: password-parameter.png [ 27707 ] | |
| Attachment | New: ssh-log.png [ 27708 ] |
John Tatum
made changes -
| Assignee | New: John Tatum [ johnnybgoode ] |
Dan Ftb
made changes -
| Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Dan Ftb
made changes -
| Status | Original: In Progress [ 3 ] | New: Open [ 1 ] |
Dan Ftb
made changes -
| Rank | New: Ranked higher |
| Workflow | Original: JNJira [ 158713 ] | New: JNJira + In-Review [ 179755 ] |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Closed [ 6 ] |
