The credentials database is encrypted using Jenkins' secret key infrastructure. Obviously Jenkins can decrypt them as Jenkins has the secret key... and the secret keys are stored on disk in $JENKINS_HOME, but I assure you the passwords themselves are not stored in plain text or a simple obfuscated form... they are stored using a reversible encryption technique
On 8 November 2013 11:50, Robert Krüger <krue...@lesspain.de> wrote: > Hi, > > I am setting up a Jenkins Job which accesses a Git (Stash) repo over > HTTPS using global credentials. Since I was not asked for a password > for encrypting the credentials database, I guess they are not strongly > encrypted in the XML file where they are stored. Is there a more > secure way of setting this up? In another thread Nicolas de Loof > recommended SSH over HTTPS for such a setup. Is this one of the > reasons? > > Thanks, > > Robert > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to jenkinsci-users+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
