Channels
# apple-silicon
# arm-architecture
# auditing-warroom
# aws
# code-review
# community-feeds
# core
# darkbytes
# doorman
# ebpf
# eclecticiq-polylogyx-extension
# extensions
# file-carving
# fim
# fleet
# foundation
# fuzzing
# general
# golang
# goquery
# infrastructure
# kolide
# linux
# macos
# officehours
# osctrl
# plugins
# process-auditing
# queryhub
# sql
# tls
# uptycs
# website
# windows
# zeek
# zercurity
Channels
Dan Achin
1 year agoHi. Can anyone tell me if the enroll_secret is presented by the client only when it initially enrolls with Fleet, or does it present it at other times like check-ins / posting data / etc?
zwass
1 year agoOnly at first check in. Later the host presents its unique "node key".Dan Achin
1 year agoOK, thanks much. Would first check-in include service restart?
We trying to assess how difficult it would be to rotate that enroll_secret as part of our standard security practices. If we only use it at first check-in, that makes it easier to rotate. 🙂- s
seph
1 year agoNo, not a service restart.
It is presented when, and only when, there is no node key.
node keys are stored in the local database directory zwass
1 year agoRotating the enroll secret is especially easy since you can have multiple valid secrets at once. But the enroll secret is rarely used anyway.
View count: 2