ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2024-09-20 15:05:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
486 commits 5 branches 44 tags 6.9 MiB
Commit graph

127 commits

Author SHA1 Message Date
Stéphane Lesimple 3df86c58b3 release v3.09.00 2022-09-13 13:21:18 +02:00
John Zimmermann 33fa768c27 fix: doc: use code-blocks:: instead of code:: 
code:: is not a recognized statement for sphinx,
code-blocks, as used on all other pages, is the correct one.
Syntax highlighting with shell does not work for the last two blocks.

Signed-off-by: John Zimmermann <John.Zimmermann@th-ab.de>
 2022-09-09 10:48:41 +02:00
Stéphane Lesimple 7b3c721f66 doc: add a missing parameter in ping's help 2022-07-29 11:34:43 +02:00
Stéphane Lesimple 81aeb2ee3c release v3.09.00-rc3 2022-07-12 12:34:58 +02:00
Stéphane Lesimple 8e148a6e53 release v3.09.00-rc2 2022-07-05 18:12:08 +02:00
Stéphane Lesimple 7fafeb3e1d doc: osh-encrypt-rsync.conf: add verbose 2022-07-05 18:04:19 +02:00
Stéphane Lesimple 7ff286b00f v3.09.00-rc1 2022-07-04 11:06:54 +02:00
Stéphane Lesimple 73b6a625f5 feat: add support and tests for Ubuntu 22.04 LTS 2022-07-04 11:06:34 +02:00
Stéphane Lesimple 39e667f703 doc: amend groupModify documentation 2022-07-01 15:33:44 +02:00
Stéphane Lesimple e040afb074 chore: new perltidy rules 2022-07-01 10:21:19 +02:00
Stéphane Lesimple 4f99c4fe6c fix: ping: force a deadline, and restore default sighandlers 2022-06-29 11:34:24 +02:00
Romain Beuque c1ca9b6374 fix: typo in the 'alive' command 
Signed-off-by: Romain Beuque <556072+rbeuque74@users.noreply.github.com>
 2022-06-08 12:01:10 +02:00
Stéphane Lesimple c9c413ed7f doc: add note about root access for installation 2022-04-28 10:27:33 +02:00
Stéphane Lesimple 982f21a950 chore: remove CentOS 8 from tests (EOL) 2022-03-14 12:42:26 +01:00
Stéphane Lesimple a781d0c1d2 doc: better menu organization 2022-02-09 14:31:33 +01:00
Stéphane Lesimple ee776707c1 chore: standardize doc generation for config files 2022-02-09 14:31:33 +01:00
Stéphane Lesimple a7462c0ac7 enh: use snake_case for system scripts json config files 2022-02-09 14:31:33 +01:00
Stéphane Lesimple c38c9c09f2 chore: fix typos 2022-02-09 14:31:33 +01:00
Stéphane Lesimple 2c2064a484 feat: osh-encrypt-rsync: handle sqlite and user logs along with ttyrec files 2022-02-09 14:31:33 +01:00
Stéphane Lesimple 0ffdd108bd v3.08.01 2022-01-19 11:24:12 +01:00
Stéphane Lesimple 9d371f90a9 doc: add documentation for osh-remove-empty-folders 2022-01-19 11:23:44 +01:00
Stéphane Lesimple d7a898a5fa Release v3.08.00 2022-01-04 15:50:02 +01:00
Stéphane Lesimple 716594e20e chore: doc: limit .rst lines to 120 chars 2021-12-30 15:39:31 +01:00
Stéphane Lesimple 6694518ab5 chore: remove obsolete check-ssh-hardening.pl 2021-12-29 13:19:53 +01:00
Stéphane Lesimple bfaea07a12 docs: fix a log example line 2021-12-29 13:19:53 +01:00
Stéphane Lesimple 000ed4e8af feat: move scripts to GnuPG 2.x and add tests 2021-12-29 11:20:43 +01:00
Stéphane Lesimple 8b02d610be doc: add FAQ entry about Ansible 2021-12-21 14:44:48 +01:00
Stéphane Lesimple a68ccb3f8c feat: add new OSes and deprecate old ones 
add:
- Debian 11
- RockyLinux 8

remove:
- OpenSUSE Leap 15.2
- Old minor versions of CentOS 7.x
- Old minor versions of CentOS 8.x
 2021-12-21 12:00:04 +01:00
Stéphane Lesimple aaaa173764 feat: add the accountUnlock restricted plugin 2021-12-21 09:42:54 +01:00
Stéphane Lesimple c48af00ff8 feat: add info_syslog() and code-info syslog type 2021-12-16 11:02:26 +01:00
Stéphane Lesimple 3507586de6 release v3.07.00 2021-12-13 14:02:41 +01:00
Christophe Crochet e4b132ed9a new access option: --force-password <HASH>, to only try one specific password 2021-12-09 16:51:40 +01:00
Stéphane Lesimple 89ecb2c0d7 feat: add support for Duo PAM auth as MFA (#249) 2021-11-03 15:50:10 +01:00
Stéphane Lesimple 11b2bc60b2 release v3.06.00 2021-10-20 13:42:13 +02:00
Christophe Crochet d85298f229 new account option: --pubkey-auth-optional, to allow ingress login with or without pubkey when pam is required 2021-10-15 11:22:00 +02:00
madx 4d3ee1b99d regenerated doc 2021-10-15 11:22:00 +02:00
madx ea8ed97a34 new account option: mfa-any, to allow ingress login with pubkey alone or pam alone instead of requiring both 2021-10-15 11:22:00 +02:00
Jean "henyxia" Wasilewski b40a2fd6e3 fix: add superowner group requirement 
Signed-off-by: Jean "henyxia" Wasilewski <henyxia@revs0.com>
 2021-09-24 11:56:35 +02:00
Stéphane Lesimple b5c5d9d5ee release v3.05.01 2021-09-22 10:43:40 +02:00
Stéphane Lesimple b58388a3d9 feat: add --proactive-mfa and mfa/nofa interactive commands 
For bastions using JIT MFA, where MFA can be requested when
attempting to connect through specific groups, or when using
some commands, with respect to MFA being enforced at connection
time directly through the sshd authentication process, one can
now request MFA validation in advance, to workaround problems
in commands such as ``clush``  or ``batch``, and interactive mode.
 2021-09-21 12:06:40 +02:00
Stéphane Lesimple 99686499b1 feat: osh-backup-acl-keys: add the possibility to sign encrypted backups (#209) 2021-09-20 17:00:18 +02:00
Stéphane Lesimple 8e6c247cdf doc: add upgrading notice 2021-09-14 16:05:27 +02:00
Stéphane Lesimple d3f443a532 release v3.05.00 2021-09-14 10:21:04 +02:00
Stéphane Lesimple 4a21cfc421 enh: add --max-inactive-days to accountCreate 2021-09-06 14:52:46 +02:00
Stéphane Lesimple ef10d509fd enh: add max_inactive_days to account configuration (#230) 2021-09-06 14:52:46 +02:00
Stéphane Lesimple 15cb2c2453 enh: accountInfo: add --list-groups 
Listing groups can be slow on bastions having thousands
of groups, hence this is now disabled by default.
 2021-09-02 13:13:44 +02:00
Stéphane Lesimple 82b681a38d doc: add faq about session locking (#226) 2021-09-02 11:42:48 +02:00
Stéphane Lesimple 5d188faac0 chore: trick perltidy 2021-09-02 10:06:47 +02:00
Stéphane Lesimple 2510de0cd5 doc: generate scripts doc reference 2021-09-02 10:06:47 +02:00
Stéphane Lesimple 710eb2e4cb doc: use autosectionlabel 2021-09-02 10:06:47 +02:00