I am setting up a new jenkins master with an eye on secure setup and configuration.
I must have read and experimented with almost all that results from googling and from Jenkins' own documentation, related to authentication and authorization strategies.
I have settled on those.
The next step is to get credentials right: Global and System (which are a bit confusing) as well as Domains within each (which are even more confusing).
As part of the setup, I opted for ssh. I was horrified to see that I'd need to paste-in the actual jenkins master's ssh private key into the GUI. This means that any subversion or any mistake on my part or on part of another admin (2 of us) may result in the easy disclosure of that immensely important key.
This led me to believe that either I am using it wrong, OR there is a much better and more secure option to use.
Advice or pointers would be sincerely appreciated.
question from:
https://stackoverflow.com/questions/65873832/is-my-use-of-ssh-credentials-within-jenkins-wrong 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
