Linode Personal Access Token
Service Name: Linode
Service Description: Linode is a cloud hosting provider that offers virtual private servers (VPS), cloud computing, and storage services. Linode Personal Access Tokens are used to authenticate with the Linode API for programmatic access to Linode resources.
Service Address: https://www.linode.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Linode's Cloud Firewall service, but not directly at the token level.
Secret Access Scope: Grants programmatic access to Linode resources and services based on the scopes assigned to the token (can include read/write access to Linodes, domains, volumes, etc.).
Secret Revokement URL: https://cloud.linode.com/profile/tokens
Secret Example: 1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t
Suspicious Activity Investigation Instructions:
- Review Linode account activity logs for unusual API calls or resource access
- Check for unauthorized Linode instances or resources created
- Monitor for unexpected changes to DNS settings, network configurations, or firewall rules
- Verify if there are any unexpected billing increases that might indicate resource abuse
- Check for unauthorized SSH key additions to your Linode instances
Mitigation Instructions:
- Log in to your Linode Cloud Manager account at https://cloud.linode.com/
- Navigate to "My Profile" from the user menu in the top right
- Select the "API Tokens" tab
- Locate the compromised token in the list
- Click the "Revoke" button next to the token
- Confirm the revocation when prompted
- Create a new token with appropriate scopes if needed
- Review all resources for unauthorized changes or backdoors
- Rotate any SSH keys or other credentials that might have been exposed