Stéphane Lesimple
75793d55e2
chore: use proper naming of 'netblock' instead of 'prefix'
To avoid confusion, we now use 'netblock' to talk about 10.0.0.0/8,
with 10.0.0.0 being the 'prefix' and '8' being the 'prefix size'
or 'netblock size'. Use these words everywhere in the code and
documentation for clarity
1 year ago
Stéphane Lesimple
292ed300c4
enh: accountInfo: add osh-only information for accounts
1 year ago
Stéphane Lesimple
f30cec2f29
fix: accountInfo: don't attempt (and fail) to display info non-auditors don't have access to
1 year ago
Stéphane Lesimple
92bc512050
feat: add assetForgetHostKey
1 year ago
TomRicci
ecceeb8bb5
fix: message scpdownload scpupload in accountAddPersonalAccess
1 year ago
TomRicci
92f7dcc920
fix: message scpdownload scpupload in selfDelPersonalAccess
1 year ago
TomRicci
f67f064e67
fix: message scpdownload scpupload in selfAddPersonalAccess
1 year ago
TomRicci
6842792bce
fix: message scpdownload scpupload in accountDelPersonalAccess
1 year ago
Stéphane Lesimple
19ef1b2668
enh: plugins: add --protocol to handle scp, sftp, rsync
Replace --sftp --scpup --scpdown by --protocol PROTOCOL.
Also take the opportunity to replace --user-any by --user * and --port-any by --port *.
All the legacy options are still supported but are now undocumented.
1 year ago
Stéphane Lesimple
4ef9c6ddde
feat: add --egress-session-multiplexing option to accountModify
1 year ago
Stéphane Lesimple
3ba789ed34
chore: adapt help messages for wildcard --user support
2 years ago
Stéphane Lesimple
2e96603300
feat: support wildcards in --user ( fix #461 )
2 years ago
Stéphane Lesimple
b1396b2ed7
fix: accountFreeze: restore json results
2 years ago
Stéphane Lesimple
47b51c79ee
feat: accountFreeze: terminate running sessions if any
2 years ago
Stéphane Lesimple
3646badbdf
release 3.16.00
2 years ago
Stéphane Lesimple
3c9382a192
enh: use print_accepted_key_algorithms everywhere
2 years ago
Pierre-Elliott Bécue
1e44092c16
Factor out in a generic function the helper listing allowed ssh key algorithm
2 years ago
Stéphane Lesimple
54321ff706
enh: add a few autocompletes
2 years ago
Stéphane Lesimple
0314798c87
enh: interactive: allow multi-spaces in autocompletes
2 years ago
Stéphane Lesimple
692ebca3c2
fix: accountInfo: return always_active=1 for globally-always-active accounts
2 years ago
Stéphane Lesimple
a6a25fd53b
feat: add type8 and type9 password hashes
This requires the-bastion-mkhash-helper v1.1.0+
2 years ago
Stéphane Lesimple
f77b8a25d3
fix: accountList: crash in some cases
3 years ago
Stéphane Lesimple
5cfb049a82
chore: doc: adding plugin configuration autogeneration
3 years ago
Stéphane Lesimple
cf405badfb
feat: add 2 configurable knobs to (self|account)AddPersonalAccess
widest_v4_prefix (maximum allowed prefix to add in a single ACL),
and self_remote_user_only (only allow ACLs where the remote user
is the same as the bastion account name)
3 years ago
Stéphane Lesimple
482eddb10c
feat: plugins: add loadConfig parameter & config validator support
3 years ago
Stéphane Lesimple
0515753f91
fix: add missing autocompletions, readonly flags and help category for some plugins
3 years ago
Stéphane Lesimple
84687256a8
fix: --force-key wasn't working for groups
Fixes #259
3 years ago
Stéphane Lesimple
7a825aeec4
feat: add --all to groupInfo and accountInfo
3 years ago
Stéphane Lesimple
f4abfc1ba8
feat: add sftp support
3 years ago
Stéphane Lesimple
036f921c40
feat: add accountFreeze/accountUnfreeze
3 years ago
Stéphane Lesimple
0e787f4ea9
enh: accountInfo: add --no-password-info and --no-output
3 years ago
Stéphane Lesimple
8c82c3441b
fix: accountInfo wasn't showing TTL account expiration #329
4 years ago
Stéphane Lesimple
72cefa6417
fix: performance issues introduced by effab4a
Commit that introduced the performance degradation is effab4a
(fix: workaround for undocumented caching in getpw/getgr funcs)
Rewrote caching at the getpwent/getpwnam/getgrent/getgrnam level,
which restores performance pre-effab4a and even enhances it in some cases,
for example on a 2000-accounts and 2000-groups bastion, we are:
- 11% faster on --osh help
- 35% faster on --osh selfListAccesses (reduces syscalls by 87%)
4 years ago
Stéphane Lesimple
e040afb074
chore: new perltidy rules
4 years ago
Stéphane Lesimple
bd2f069c7e
enh: print a msg when no ingress keys are found
4 years ago
Stéphane Lesimple
884b4bbaf0
fix: install: ensure that the healthcheck user can always connect from 127.0.0.1
Regardless of the bastion config about the ingressKeysFrom configuration
4 years ago
Stéphane Lesimple
effab4a5c2
fix: workaround for undocumented caching in getpw/getgr funcs
4 years ago
Stéphane Lesimple
6baa61a7f4
fix: accountInfo: missing creation date on non-json output
4 years ago
Stéphane Lesimple
aaaa173764
feat: add the accountUnlock restricted plugin
4 years ago
Stéphane Lesimple
7cc350b40d
chore: check for spurious args in all helpers
4 years ago
Christophe Crochet
ff40617624
update of --force-password: guest support, autocompletion, new tests, code cleanups
4 years ago
Christophe Crochet
e4b132ed9a
new access option: --force-password <HASH>, to only try one specific password
4 years ago
Christophe Crochet
d85298f229
new account option: --pubkey-auth-optional, to allow ingress login with or without pubkey when pam is required
4 years ago
madx
ea8ed97a34
new account option: mfa-any, to allow ingress login with pubkey alone or pam alone instead of requiring both
4 years ago
Stéphane Lesimple
a65cbd55b8
accountPIV: fix bad autocompletion rule
4 years ago
Stéphane Lesimple
4a21cfc421
enh: add --max-inactive-days to accountCreate
5 years ago
Stéphane Lesimple
ef10d509fd
enh: add max_inactive_days to account configuration ( #230 )
5 years ago
Stéphane Lesimple
15cb2c2453
enh: accountInfo: add --list-groups
Listing groups can be slow on bastions having thousands
of groups, hence this is now disabled by default.
5 years ago
Stéphane Lesimple
9b2aa996b3
enh: better use of account creation metadata
Store account creation information in a JSON.
Display this information in `accountInfo` for auditors.
5 years ago
Stéphane Lesimple
2390f56c9a
chore: groupCreate: fix help message
5 years ago