ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2024-09-20 15:05:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
640 commits 5 branches 44 tags 6.9 MiB
Commit graph

208 commits

Author SHA1 Message Date
Stéphane Lesimple 47b51c79ee feat: accountFreeze: terminate running sessions if any 2024-06-27 17:03:07 +02:00
Stéphane Lesimple 15e6869be0 fix: ignore transient errors during global destruction 2024-06-25 14:09:54 +02:00
Stéphane Lesimple 4b781b821a release v3.16.01 2024-05-22 16:16:41 +02:00
Stéphane Lesimple 72b757457c enh: info: removed uname dependency, added configuration 2024-04-17 14:38:19 +02:00
Stéphane Lesimple 3646badbdf release 3.16.00 2024-04-10 14:16:10 +02:00
Stéphane Lesimple 3c9382a192 enh: use print_accepted_key_algorithms everywhere 2024-04-10 10:51:01 +02:00
Stéphane Lesimple 321c592d51 chore: perltidy 2024-04-10 10:51:01 +02:00
Pierre-Elliott Bécue 99dfa9d351 Drop an unused variable in print_accepted_key_algorithms 2024-04-10 10:51:01 +02:00
Pierre-Elliott Bécue 1e44092c16 Factor out in a generic function the helper listing allowed ssh key algorithm 2024-04-10 10:51:01 +02:00
Pierre-Elliott Bécue 7dce5734fd Escape dots in regex patterns for ssh algorithms 
Co-authored-by: Stéphane Lesimple <speed47_github@speed47.net>
 2024-04-10 10:51:01 +02:00
Pierre-Elliott Bécue d0ac9eabb9 Implement Ingress Secure Keys 2024-04-10 10:51:01 +02:00
Stéphane Lesimple dad78fbfe5 release v3.15.00 2024-03-25 10:11:31 +01:00
Stéphane Lesimple 496fe94dd3 enh: allow @ as a valid remote user char (fixes #437) 2024-03-20 11:53:58 +01:00
Stéphane Lesimple 3bc83fae8e enh: interactive: fix display 2024-03-20 11:53:49 +01:00
Stéphane Lesimple 3d1e210dd8 fix: interactive: remove unnecessary loops for autocomplete 2024-03-20 11:53:49 +01:00
Stéphane Lesimple 7423f6ad63 feat: add dnsSupportLevel option for systems with broken DNS (fixes #397) 2024-03-20 11:53:00 +01:00
Stéphane Lesimple 3c6dd69538 chg: jailify: update params name to match minijail0 2024-02-21 14:13:56 +01:00
Stéphane Lesimple 91beea0012 release v3.14.16 2024-02-20 17:41:53 +01:00
Stéphane Lesimple 867410a16d enh: plugins: better signal handling to avoid dangling children processes 2024-02-20 12:14:01 +01:00
Stéphane Lesimple f022bd9ac8 feat: add ttyrecStealthStdoutPattern config 
Commands that generate a lot of stdout output and are M2M workflows, such as rsync,
can now be excluded from ttyrec to avoid filling up drives
 2024-02-20 12:13:53 +01:00
Stéphane Lesimple 692ebca3c2 fix: accountInfo: return always_active=1 for globally-always-active accounts 2024-01-17 11:01:21 +01:00
Stéphane Lesimple 137c7b5454 release v3.14.15 2023-11-08 14:55:44 +01:00
Stéphane Lesimple 3d402a1bc6 feat: add admin-configurable lock/kill timeout per plugin 2023-11-08 14:55:35 +01:00
Stéphane Lesimple 7a288bd812 chore: perlcritic adjustement on RequireArgUnpacking 2023-11-08 13:21:20 +01:00
Stéphane Lesimple 47e058c272 refacto: use osh_print to obey force_stderr 2023-11-08 13:21:20 +01:00
Stéphane Lesimple b48463076f feat: osh.pl: jit mfa for plugins 2023-11-08 13:21:20 +01:00
Pierre-Elliott Bécue 35d4841638 Allow setup-gpg.sh --import to receive, trust, and add to configure multiple public keys at once 2023-10-27 17:26:23 +02:00
Stéphane Lesimple 0eb61f26f2 meta: dev: add devenv docker, pre-commit info, and doc 2023-10-03 14:23:30 +02:00
Stéphane Lesimple d70e52a09b release v3.14.00 2023-09-19 17:32:43 +02:00
Stéphane Lesimple a6a25fd53b feat: add type8 and type9 password hashes 
This requires the-bastion-mkhash-helper v1.1.0+
 2023-09-19 17:12:48 +02:00
Stéphane Lesimple 5dc50b3e57
feat: add stealth_stderr/stdout ttyrec support, enable it for scp (#413) 2023-09-19 15:27:00 +02:00
Stéphane Lesimple ee149cb185
release v3.13.01 (#410) 2023-08-23 11:41:43 +02:00
Stéphane Lesimple 9bdfca1c76 release v3.13.00 2023-07-28 14:18:15 +02:00
Stéphane Lesimple a65c53b76e enh: use ttyrec instead of sqlite to record plugin output 2023-07-28 11:09:10 +02:00
Stéphane Lesimple bd82ee49b7 release v3.12.00 2023-06-27 14:13:22 +02:00
Stéphane Lesimple 5cfb049a82 chore: doc: adding plugin configuration autogeneration 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 482eddb10c feat: plugins: add loadConfig parameter & config validator support 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 262e545bbb feat: add dryrun in access_modify() and widest prefix precondition check 2023-06-01 11:52:39 +02:00
Stéphane Lesimple f4650bd0dc chore: shell/functions: remove now unused global var 2023-05-31 17:37:52 +02:00
Stéphane Lesimple d5dd119f83 release v3.11.02 2023-04-18 14:48:47 +02:00
Stéphane Lesimple 84687256a8 fix: --force-key wasn't working for groups 
Fixes #259
 2023-04-07 10:44:14 +02:00
Stéphane Lesimple 52d44ba993 chore: remove Debian openssh-blacklist logic 
All Debian versions supporting this are EOL by now.
 2023-04-07 10:44:05 +02:00
Stéphane Lesimple c6904d0fa0 release v3.11.01 2023-03-27 17:04:56 +02:00
Stéphane Lesimple cadf51145d release v3.11.00 2023-03-23 14:37:57 +01:00
Stéphane Lesimple a1812e34bb fix: race condition when two parallel account creations used --uid-auto 
Fixes #363
 2023-03-22 11:00:16 +01:00
Stéphane Lesimple f4abfc1ba8 feat: add sftp support 2023-03-16 13:45:42 +01:00
Stéphane Lesimple 86d907acb6 release v3.10.00 2023-02-17 15:19:25 +01:00
Cédric Roussel 4d56c32853 fix: invalid suffixed account creation 2023-01-31 12:03:13 +01:00
Stéphane Lesimple 036f921c40 feat: add accountFreeze/accountUnfreeze 2022-12-30 17:53:08 +01:00
Stéphane Lesimple 649c1fffbf release v3.09.02 2022-11-15 18:26:32 +01:00