back to website

Werk #16617: Use session specific key for ValueSpec encryption

Component Setup
Title Use session specific key for ValueSpec encryption
Date Mar 15, 2024
Level Trivial Change
Class New Feature
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.4.0b1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)

When a user edits a configuration e.g. for a special agent with an explicit password the complete configuration is transfered to the user. To not reveal the password in cleartext this field is encrypted.

The key for that encryption was previously to this Werk shared amongst all users (a salt was used though). With this Werk every user session has now a secret dedicated to this encryption so the key is rotated often and not shared amongst other users.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our hybrid Monitoring Community event from May 20-22 in Munich and learn more about the latest Checkmk features and our roadmap at the Checkmk Conference #11

Register now