Dashboard > Pulse v1.2 > ... > Agents > Agent Security
  Pulse v1.2 Log In | Sign Up   View a printable version of the current page.  
  Agent Security
 Browse Space
Added by Jason Sankey, last edited by Jason Sankey on Dec 19, 2006  (view change)
Labels: 
(None)

Pulse Manual Index

Overview

As pulse™ agents are used to execute arbitrary builds, it is important that they are secured so that they will only accept commands from the pulse™ master server. To facilitate secure communication, pulse™ uses a random token shared amongst the master and all connected agents.

Token Initialisation

A new secure token is generated randomly by the pulse™ master when it is first started. When a pulse™ agent is first contacted by the master, it will accept the first token sent to it. Thus it is imperative that the agent is secured by contact from the master (pings sent out by the master periodically are sufficient) as soon as it is installed. This is akin to securing a system with a password during an initial setup process.

Token Management

The token for both masters and agents is stored in the file:

$PULSE_DATA/config/service.token

If for any reason you believe the master token has been compromised, you should delete the token file and restart the master to force generation of a new token.

Token Mismatches

If the token for an agent differs from the master token, the agent will enter the "token mismatch" state. The agent will be unavailable until the mismatch is resolved. The simplest way to resolve the mismatch is to delete the agent's token file. When the agent is next contacted by the master, it will accept the master's token.

Zutubi wiki is Powered by Atlassian Confluence, the Enterprise Wiki. (Version: 2.2.10 Build:#528 Nov 29, 2006) - Bug/feature request - Contact Administrators