New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: Put agent download behind (token?) authentication #5554
Comments
DEV NOTES: |
OOO the is already something listed in the code called
so if |
Yes! That prevents downloads. Unfortunately, it breaks the script install. Maybe this was an incomplete feature?
|
4 years ago the line was added if git is right 😆 EDIT: thats also correct, the script wont work because its downloading the agent, which you have blocked! |
added |
Would it make sense to put the download behind
|
MeshCentral version 1.1.9
Is your feature request related to a problem? Please describe.
As a MeshCentral user, I would like the agent download to be protected by a token. Consider the following.
$ curl --location --output meshagent.bin 'https://mesh.example.com/meshagents?id=3' % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 3722k 100 3722k 0 0 25.7M 0 --:--:-- --:--:-- --:--:-- 25.9M $ ls -la meshagent.bin -rw-r--r-- 1 root root 3811656 Nov 15 08:28 meshagent.bin
If you add a token to that, the server responds with "Unauthorized".
$ curl --location --output meshagent.bin 'https://mesh.example.com/meshagents?id=3&meshid=0000000000000000000000000000000000000000000000000000000000000000' % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 12 100 12 0 0 472 0 --:--:-- --:--:-- --:--:-- 480 $ cat meshagent.bin Unauthorized
The "Linux / BSD" script shown in the GUI does not have a token or mesh ID and relies on the
meshagent
that was downloaded to get the settings from the server. The settings from the server DO require auth (AFAICT).Describe the solution you'd like
I would like something more like this script that enforces a token to download the agent. Note: The install script uses
meshid
as the "token", which is used in the install script to download the settings. It may be better to usemeshid
instead oftoken
.Describe alternatives you've considered
N/A
Additional context
See discussion #5551 for more context.
The text was updated successfully, but these errors were encountered: