SHA-256 Agent Verification
Cryptographic integrity checking ensures your monitoring agent hasn't been tampered with.
How Checksums Work
Every version of the Scout agent has a SHA-256 hash computed from its source code. The server stores the expected checksum and verifies it on every update — if the hash doesn't match, the update is rejected.
- SHA-256 hash of the agent script
- Server stores the expected checksum
- Verified on every update cycle
- Tampered files are automatically rejected
Secure Auto-Updates
Agents check for updates daily by querying the dashboard's agent-version endpoint. If a new version is available, the agent downloads it, verifies the SHA-256 checksum, and only then applies the update. Checksum mismatch? The update is discarded.
- Daily update check against agent-version API
- Checksum validated before applying
- Automatic rollback on mismatch
- Zero-downtime updates
Unique API Keys
Every server gets its own isolated API key when you add it to Server Scout. Keys can be revoked from the dashboard at any time. No shared secrets — compromising one key doesn't affect other servers.
- One unique API key per server
- Keys revocable from the dashboard
- No shared secrets across servers
- X-API-Key bearer token authentication
HTTPS-Only Communication
All communication between agents and the dashboard is encrypted with TLS. No plaintext metric data ever crosses the network. Certificate validation ensures agents are talking to the real dashboard, not an impersonator.
- All agent-to-dashboard traffic encrypted
- No plaintext metric data in transit
- TLS certificate validation
- Protection against man-in-the-middle attacks