Tyler Fisher
09/30/2019, 8:17 PMzwass
Tyler Fisher
09/30/2019, 8:20 PMauth_jwt_key
is not actually the JWT token, it's the secret key that's used to create the JWT token?fleetctl get enroll-secret
command?
I'm provisioning a development environment, and was wondering if it's possible to know the enrolment secret in advance - I'm not familiar with JWT, looking at the source code for hints on how this is used: https://github.com/kolide/fleet/blob/06832697d0e6ed6b2ca0220ef5434791db7b0a27/server/service/service_sessions.go#L286-L293zwass
wtheaker
09/30/2019, 8:46 PMopenssl rand -base64 32
Paste that string into .env
as KOLIDE_AUTH_JWT_KEY
Tyler Fisher
09/30/2019, 8:46 PM# fleetctl config set --address <https://localhost:8080>
# fleetctl config set --rootca /opt/kolide/fleet/tls/fleet.crt
# fleet login
# fleetctl login
Log in using the standard Fleet credentials.
Email: <email>
Password:
[+] Fleet login successful and context configured!
# fleetctl get enroll-secret
sVhrv<...>8t6Ff
And it looks like JWT tokens are stored in the kolide.sessions
table - so, I should be able to read the contents of this table before I try to enrol agents with the Kolide Fleet server I'm standing up.zwass
Tyler Fisher
09/30/2019, 8:52 PM