The credentials database is encrypted using Jenkins' secret key infrastructure. Obviously Jenkins can decrypt them as Jenkins has the secret key... and the secret keys are stored on disk in $JENKINS_HOME, but I assure you the passwords themselves are not stored in plain text or a simple obfuscated form... they are stored using a reversible encryption technique
On 8 November 2013 11:50, Robert Krüger <[email protected]> wrote: > Hi, > > I am setting up a Jenkins Job which accesses a Git (Stash) repo over > HTTPS using global credentials. Since I was not asked for a password > for encrypting the credentials database, I guess they are not strongly > encrypted in the XML file where they are stored. Is there a more > secure way of setting this up? In another thread Nicolas de Loof > recommended SSH over HTTPS for such a setup. Is this one of the > reasons? > > Thanks, > > Robert > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
