Generate random secret for agent connection

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      Context

      It was reported as https://issues.jenkins.io/browse/SECURITY-2425, but considered as an improvement instead of a vulnerability. The documentation was updated in https://github.com/jenkinsci/remoting/pull/476.
      Also discussed in https://github.com/jenkinsci/docker-inbound-agent/pull/76#issuecomment-1329019981.

      Idea

      Currently the HMAC is generated using the agent name, which is deterministic. It could be also potentially reused, generating potential issues. Having a randomly generated secret during agent creation could ease reusability of name and configuration through JCasC.

            Assignee:
            Unassigned
            Reporter:
            Wadeck Follonier
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Archived: