the-bastion

mirror of https://github.com/ovh/the-bastion.git synced 2025-01-19 22:03:47 +08:00

Author	SHA1	Message	Date
Stéphane Lesimple	da5cb3c232	chore: packages-check.sh: implement installed pkg detection in rhel/suse, use proper pkg names	2021-12-29 13:19:53 +01:00
Stéphane Lesimple	6694518ab5	chore: remove obsolete check-ssh-hardening.pl	2021-12-29 13:19:53 +01:00
Stéphane Lesimple	bfaea07a12	docs: fix a log example line	2021-12-29 13:19:53 +01:00
Stéphane Lesimple	ae74a823f8	chore: perltidy: rewrite perl-tidy.sh to support single-file tidy	2021-12-29 11:40:34 +01:00
Stéphane Lesimple	ae997dd93c	chore: shellcheck: rewrite shell-check.sh and make files compliant with v0.8.0	2021-12-29 11:40:34 +01:00
Stéphane Lesimple	54a4dc6c65	chore: use state vars where we can	2021-12-29 11:21:04 +01:00
Stéphane Lesimple	b3af2933f9	enh: install.inc: random delay under CI	2021-12-29 11:20:55 +01:00
Stéphane Lesimple	be6a71afab	fix: install.inc: verbose under CI	2021-12-29 11:20:55 +01:00
Stéphane Lesimple	2f623dfb3a	fix: install.inc: fail nicely on invalid JSON under set -e	2021-12-29 11:20:55 +01:00
Stéphane Lesimple	11e81614a4	fix: remove hardcoded config path and fix FreeBSD	2021-12-29 11:20:55 +01:00
Stéphane Lesimple	f609565fe8	enh: batch: detect when asked to start a plugin requiring MFA	2021-12-29 11:20:55 +01:00
Stéphane Lesimple	000ed4e8af	feat: move scripts to GnuPG 2.x and add tests	2021-12-29 11:20:43 +01:00
Stéphane Lesimple	4471cee434	chore: tests: 400-piv: don't print data on countonly phase	2021-12-29 11:20:43 +01:00
Stéphane Lesimple	0f1596b51c	enh: tests: --module can be specified multiple times	2021-12-29 11:20:43 +01:00
Stéphane Lesimple	4e9dffda44	chore: tests: don't shadow the $name var	2021-12-28 09:54:44 +01:00
Stéphane Lesimple	f8f193b298	enh: selfMFASetupPassword: add more messages for the user	2021-12-28 09:54:17 +01:00
Stéphane Lesimple	0f90dfef2d	chore: tests: remove consistency check from long tests	2021-12-23 12:42:56 +01:00
Stéphane Lesimple	e847a19857	enh: ttyrec & yubico installs: hardcode URLs for when API is down	2021-12-22 18:00:21 +01:00
Stéphane Lesimple	415bc9b903	doc: add more info about root 2FA in sshd_config templates	2021-12-21 14:44:48 +01:00
Stéphane Lesimple	8b02d610be	doc: add FAQ entry about Ansible	2021-12-21 14:44:48 +01:00
Stéphane Lesimple	a68ccb3f8c	feat: add new OSes and deprecate old ones add: - Debian 11 - RockyLinux 8 remove: - OpenSUSE Leap 15.2 - Old minor versions of CentOS 7.x - Old minor versions of CentOS 8.x	2021-12-21 12:00:04 +01:00
Stéphane Lesimple	aaaa173764	feat: add the accountUnlock restricted plugin	2021-12-21 09:42:54 +01:00
Stéphane Lesimple	d51c4c8be0	fix: tests: full tests on FreeBSD	2021-12-20 12:54:32 +01:00
Stéphane Lesimple	c48af00ff8	feat: add info_syslog() and code-info syslog type	2021-12-16 11:02:26 +01:00
Stéphane Lesimple	7cc350b40d	chore: check for spurious args in all helpers	2021-12-16 11:02:13 +01:00
Stéphane Lesimple	90dbe04dde	enh: detect silent password change failures	2021-12-15 18:20:46 +01:00
Stéphane Lesimple	3507586de6	release v3.07.00	2021-12-13 14:02:41 +01:00
Stéphane Lesimple	cb28b44382	chore/fix: move HEXIT() to helper module, use HEXIT only in helpers	2021-12-13 09:51:00 +01:00
Stéphane Lesimple	850152a88c	enh: ensure proper Getopt::Long options are set everywhere	2021-12-13 09:51:00 +01:00
Stéphane Lesimple	d4cc727f74	chore: factorize helpers header	2021-12-13 09:51:00 +01:00
Stéphane Lesimple	2c2f723bbb	fix: add helpers handling of SIGPIPE/SIGHUP To avoid having e.g. a group creation interrupted in the middle just because the caller killed their ssh connection while we're still working	2021-12-13 09:51:00 +01:00
Stéphane Lesimple	1725130a15	fix: avoid double-close log messages on HUP	2021-12-13 09:50:36 +01:00
Stéphane Lesimple	373f4907de	fix: tests under OpenSUSE (fping raw sockets)	2021-12-13 09:32:52 +01:00
Antoine Leblanc	cbf1bd6645	doc: allowkeeper: fix typo Signed-off-by: Antoine Leblanc <antoine.leblanc@ovhcloud.com>	2021-12-09 16:51:55 +01:00
Christophe Crochet	98c1c79382	update of --force-password: code style cleanup	2021-12-09 16:51:40 +01:00
Christophe Crochet	e9841b89bc	update of --force-password: removed guest support	2021-12-09 16:51:40 +01:00
Christophe Crochet	ff40617624	update of --force-password: guest support, autocompletion, new tests, code cleanups	2021-12-09 16:51:40 +01:00
Christophe Crochet	e4b132ed9a	new access option: --force-password <HASH>, to only try one specific password	2021-12-09 16:51:40 +01:00
Stéphane Lesimple	89ecb2c0d7	feat: add support for Duo PAM auth as MFA (#249 )	2021-11-03 15:50:10 +01:00
Stéphane Lesimple	7dcbfeebc6	fix: --self-password was missing as a -P synonym (#257 )	2021-10-28 11:33:13 +02:00
Stéphane Lesimple	11b2bc60b2	release v3.06.00	2021-10-20 13:42:13 +02:00
Stéphane Lesimple	00aa2e7efc	fix: selfMFASetupTOTP: bad return func	2021-10-20 13:42:13 +02:00
Christophe Crochet	d85298f229	new account option: --pubkey-auth-optional, to allow ingress login with or without pubkey when pam is required	2021-10-15 11:22:00 +02:00
madx	4d3ee1b99d	regenerated doc	2021-10-15 11:22:00 +02:00
madx	ea8ed97a34	new account option: mfa-any, to allow ingress login with pubkey alone or pam alone instead of requiring both	2021-10-15 11:22:00 +02:00
Stéphane Lesimple	a65cbd55b8	accountPIV: fix bad autocompletion rule	2021-10-08 22:19:51 +02:00
Stéphane Lesimple	a6488ee6fb	fix: groupdel: false positive in lock contention detection Groups that were containing 'lock' or 'retry' in their name would falsely trigger the /etc/passwd and /etc/group lock contention detection, due to their presence in the output of the system command, implying several retries that were not needed.	2021-09-28 09:08:31 +02:00
Jean "henyxia" Wasilewski	b40a2fd6e3	fix: add superowner group requirement Signed-off-by: Jean "henyxia" Wasilewski <henyxia@revs0.com>	2021-09-24 11:56:35 +02:00
Stéphane Lesimple	8d84fce34f	fix: proactive-mfa: make it work for --osh batch and --osh clush	2021-09-22 11:32:19 +02:00
Stéphane Lesimple	b5c5d9d5ee	release v3.05.01	2021-09-22 10:43:40 +02:00

1 2 3 4 5 ...

413 commits