So if the Secret is populated when on the master and has been snapshotted, then *over remoting* you *should* be ok sending it over, but you are sending it in plain text not encrypted.
If you are sending a non-snapshotted credential over remoting, that may be a credential linked to an external credentials store, so the secret value may not be present until you make the call to extract the value... which means that the secret population by https://github.com/jenkinsci/jenkins/blob/5483ee13833bb44ff611e8da3a8c74379ba26e11/core/src/main/java/hudson/util/Secret.java#L202 will blow up.

Basically as a wrapper, Secret is rather poor IMHO - at least when used from an agent.

Perhaps with some additional methods it could be made safer to use and we can roll back from my statement of *Do not use* to be *Do not use without snapshotting*

On 6 January 2017 at 14:37, Jesse Glick <jgl...@cloudbees.com> wrote:

> On Fri, Jan 6, 2017 at 4:47 AM, Stephen Connolly
> <stephen.alan.conno...@gmail.com> wrote:
> > NEVER send a Credentials instance to an agent
> >
> > The secret will be unencryptable when it lands on the agent as the agent
> > does not have the master key
> >
> > You need to extract the secrets on the master JVM and handle sending them
> > over yourself.
>
> Can you explain please? `Secret.value` is plaintext and is in the
> serialized form, so when a `UsernamePasswordCredentialsImpl` (for
> example) is passed over the Remoting channel its `password` should
> arrive intact.
>
> > This is why there are bugs in e.g. Subversion plugin and Git plugin
> > (manifesting most obviously in the inability to use git with SSH key
> > credentials that have a passphrase to checkout on a remote agent)
>
> Is this not precisely what
> `BasicSSHUserPrivateKey.CredentialsSnapshotTakerImpl` is for? Again
> the `passphrase` is a `Secret` which ought to survive the trip to the
> agent. And `writeReplace` ought to be ensuring that the `snapshot` is
> taken automatically when the credentials are included in any
> serialized request.

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CA%2BnPnMzv7tijSa3-b1n73Q%3Dv3iwguWaWTgRE9FfK3%3DJQCwY_EQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
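
The snapshot-on-serialization behaviour discussed in this thread, as an added Java example that is not part of the original messages and is not Jenkins code: `Vault`, `VaultBacked` and `Snapshot` are hypothetical stand-ins, and the secret is a constructed sample value. It shows a store-backed credential being replaced by a resolved snapshot in `writeReplace`, and that the resolved value is readable in the serialized bytes.

```java
import java.io.*;

// Hypothetical stand-ins, not Jenkins classes: they model the pattern only.
public class SnapshotDemo {
    /** Stand-in for an external credentials store reachable only from the master JVM. */
    static class Vault {
        static boolean reachable = true;
        static String fetch(String id) {
            if (!reachable) throw new IllegalStateException("store not reachable from this JVM");
            return "s3cr3t-for-" + id; // constructed sample value
        }
    }

    interface PasswordCredential extends Serializable { String getPassword(); }

    /** Lazy credential: holds only an id and resolves the value on every call. */
    static class VaultBacked implements PasswordCredential {
        private final String id;
        VaultBacked(String id) { this.id = id; }
        public String getPassword() { return Vault.fetch(id); }
        /** Resolve on the sending side so the serialized form is self-contained. */
        private Object writeReplace() { return new Snapshot(getPassword()); }
    }

    /** Snapshot: carries the resolved value, as plain text in the stream. */
    static class Snapshot implements PasswordCredential {
        private final String password;
        Snapshot(String password) { this.password = password; }
        public String getPassword() { return password; }
    }

    static byte[] send(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return buf.toByteArray();
    }

    static Object receive(byte[] wire) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(wire))) {
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] wire = send(new VaultBacked("deploy-key")); // serialized on the master
        Vault.reachable = false;                             // from here on we are "on the agent"
        PasswordCredential c = (PasswordCredential) receive(wire);
        System.out.println(c.getClass().getSimpleName() + " -> " + c.getPassword());
        // The snapshot's value is unencrypted: it can be found in the raw bytes.
        System.out.println(new String(wire, "ISO-8859-1").contains("s3cr3t-for-deploy-key"));
    }
}
```

Removing the `writeReplace` method makes the agent-side `getPassword()` call fail, because the deserialized object is then the lazy `VaultBacked` and the store is not reachable from that JVM.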