Portainer / Rancher
Portainer / SUSE RancherCI/CD4 credentials
Initial Administrator Password
portainer-rancher / admin-password
Portainer and Rancher both create an initial administrator through setup or bootstrap flows for UI/API access to container and Kubernetes environments.
Location
Portainer UI/API and Rancher UI/APIPortainer database or Rancher management cluster storing users, auth providers, and password hashes
Docker Compose, Helm values, bootstrap password, and deployment manifests
Kubernetes Secrets, Docker secrets, password vaults, and bootstrap secrets
server, API, auth, and setup logs
Notes
No shared universal admin password is modeled; setup flows create or display one-time/bootstrap credentials.
API Access Token / Key
portainer-rancher / api-access-token
Portainer and Rancher issue API tokens/access keys for CLI, API, Terraform, GitOps, and automation clients.
Location
AuthorizationBearer token or access key used by Portainer/Rancher APIs
API key/token records, access keys, and session stores
CLI configs, Terraform providers, kubeconfigs, scripts, and .env files
PORTAINER_TOKEN, RANCHER_TOKEN, CATTLE_ACCESS_KEY, CATTLE_SECRET_KEYCI/CD variables, Kubernetes Secrets, and vaults
cluster automation repos, GitOps configs, and tests
API client traces and controller logs
Kubeconfig / Cluster Registration Secret
portainer-rancher / kubeconfig-and-cluster-secret
Rancher and Portainer manage Kubernetes clusters using kubeconfigs, service account tokens, registration tokens, agent secrets, and cluster certificates.
Looks like
patterneyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+-----BEGIN (RSA |EC |ENCRYPTED |)PRIVATE KEY-----Location
kubeconfig, values.yaml, docker-compose.ymlcluster credentials, agent registration tokens, and service account tokens
Kubernetes Secrets, Rancher cattle-system secrets, Portainer endpoint credentials, and vaults
cluster backups, exported kubeconfigs, and support bundles
GitOps repositories and cluster bootstrap scripts
Registry, LDAP, OAuth, and Git Integration Secrets
portainer-rancher / registry-ldap-oauth-secrets
Portainer/Rancher deployments store registry credentials, LDAP/OIDC client secrets, Git repository credentials, cloud provider keys, and webhook secrets.
Location
registry, endpoint, auth provider, and Git integration credential records
Helm values, environment files, provider configs, and app templates
Kubernetes Secrets, Docker secrets, cloud secret managers, and vaults
auth provider, registry, Git, and controller debug logs
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.