aherman
/
the-bastion
mirror of https://github.com/ovh/the-bastion
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • aade6b4158
         Merge 2391671f82 into 6d3f12d1ad Stéphane Lesimple 2026-06-08 19:44:57 +0000
  • 2391671f82 fix: osh-encrypt-rsync: tame misbehaving lsofs (added timeout 5) multifixes Stéphane Lesimple 2026-06-08 21:37:52 +0200
  • 39eac3c92d fix: tests: target_role: don't rely on deprecated 'start-stop-daemon' Stéphane Lesimple 2026-06-08 21:18:01 +0200
  • 7e5af2a26f enh: tests: docker_build_and_run_tests_all: keep logs at the end Stéphane Lesimple 2026-06-08 20:54:10 +0200
  • 58f42bbb29 fix: tests: 900-strict-checking.sh: more resilient version of the change_host_keys step Stéphane Lesimple 2026-06-08 15:49:27 +0000
  • fcba07b130 fix: re-validate remote user when passed as a magic ssh-password-line Stéphane Lesimple 2026-06-08 15:46:05 +0000
  • 133d5f0c03 fix: defensive: when using --bind, refuse to proceed shall get_bastion_ips() fail Stéphane Lesimple 2026-06-08 15:45:08 +0000
  • 593e368d65 enh: functional tests: lower default_timeout, print elapsed_ms for each test Stéphane Lesimple 2026-06-08 15:43:48 +0000
  • 7017f4a5cf enh: functional tests: use 'waitfor' that depends on default_timeout when sleeping is needed in tests Stéphane Lesimple 2026-06-08 15:43:17 +0000
  • dfe8e38194
         Merge 978f8a1397 into 6d3f12d1ad Zentoo 2026-06-08 17:47:47 +0000
  • 978f8a1397
         signed commit Zentoo 2026-06-08 19:47:44 +0200
  • c55c2c487d
         signed commit Zentoo 2026-06-08 19:44:35 +0200
  • 052468d6e1
         signed commit Zentoo 2026-06-08 19:42:49 +0200
  • 92a9dcea84
         signed commit Zentoo 2026-06-08 19:42:21 +0200
  • b3103510be
         Update ssh_config.gentoo Zentoo 2026-06-08 19:40:39 +0200
  • 9e9d514f00 chore: 900-strict-checking.sh: remove stray debug line Stéphane Lesimple 2026-06-08 15:36:14 +0000
  • 5b2a14916e chore: target_role.sh: replace 1h loop by sleep infinity Stéphane Lesimple 2026-06-08 15:32:47 +0000
  • 6a77244c84 chore: tests: bump tester from bookworm to trixie Stéphane Lesimple 2026-06-08 15:32:11 +0000
  • 5dbf2c1983 enh: tests: replace 'screen' by 'script' for a small run speedup Stéphane Lesimple 2026-06-08 15:31:26 +0000
  • 155e68202c
         signed commit Zentoo 2026-06-08 19:18:43 +0200
  • 237f125955
         Update ssh_config.gentoo Zentoo 2026-06-08 19:13:53 +0200
  • b4c0cd987c Add gentoo linux support Zentoo 2026-06-08 19:00:16 +0200
  • bc2e8234b9
         Merge cfa040c870 into 6d3f12d1ad Jonah 2026-06-08 11:51:06 +0200
  • 13ce373413 Deploy to GitHub pages gh-pages github-actions[bot] 2026-06-08 09:05:54 +0000
  • 6d3f12d1ad fix: account expiration & accountUnexpire usage for 'realm/user' accounts master Stéphane Lesimple 2025-03-20 16:32:34 +0000
  • 714cf02e78 fix: groupCreate: specify the UID of the group's corresponding user Stéphane Lesimple 2026-06-05 16:26:37 +0000
  • 0b93899e3f fix: misleading error message Stéphane Lesimple 2026-06-05 16:25:28 +0000
  • eee8bbdc90 feat: fix-group-gid.sh: also fix group's corresponding user uid if applicable Stéphane Lesimple 2026-06-05 16:24:29 +0000
  • 09cbf66f42 chore: github actions: up checkout to v6, as v4 is deprecated Stéphane Lesimple 2026-06-05 16:46:44 +0000
  • 38552dd2da
         Merge 9b8baf1607 into eed4becc4e Jonah 2026-06-06 20:10:12 +0200
  • 7499ebc7f0
         Merge d4b3ddc29e into eed4becc4e Jonah 2026-06-06 19:38:39 +0200
  • 7b699863a6
         chore: github actions: up checkout to v6, as v4 is deprecated Stéphane Lesimple 2026-06-05 16:46:44 +0000
  • eed4becc4e fix: allow password authentication for egress if configured Friedrich Weber 2026-05-27 17:37:47 +0200
  • 9dd7d0d4ad
         fix: groupCreate: specify the UID of the group's corresponding user Stéphane Lesimple 2026-06-05 16:26:37 +0000
  • 6140f4642d
         fix: misleading error message Stéphane Lesimple 2026-06-05 16:25:28 +0000
  • 53a0df1ca7
         feat: fix-group-gid.sh: also fix group's corresponding user uid if applicable Stéphane Lesimple 2026-06-05 16:24:29 +0000
  • a66faa3088
         fix: account expiration & accountUnexpire usage for 'realm/user' accounts Stéphane Lesimple 2025-03-20 16:32:34 +0000
  • cfa040c870
         fix: build_ttyrec_cmdline_part1of2: don't mkdir when mocking Stéphane Lesimple 2026-06-05 12:28:45 +0000
  • b85e003467
         unit tests: don't run IPv6 proxy tests under non-IPv6 aware systems Stéphane Lesimple 2026-06-05 12:04:35 +0000
  • 84f2462215
         proxyjump: add documentation Stéphane Lesimple 2026-06-05 10:12:09 +0000
  • 7457dbd909
         proxyjump: add end2end functional tests Stéphane Lesimple 2026-06-05 09:37:48 +0000
  • 6ec97fad6c
         refuse ssh password autologin in combination with proxyjump for now Stéphane Lesimple 2026-06-05 10:34:04 +0000
  • 9b0d00d56c
         ssh_test_access_way: don't attempt to test a proxyjump connection with a wildcard user Stéphane Lesimple 2026-06-05 09:36:40 +0000
  • ac57cf944a
         ACL check: reject --proxy-user without --proxy-host Stéphane Lesimple 2026-06-05 09:35:09 +0000
  • 77dd005278
         proxyjump: also pass proxy user to is_access_granted() Stéphane Lesimple 2026-06-05 09:33:31 +0000
  • d6c8674afb
         replace osh.pl re-entry logic for proxyjump by a local SHELL=/bin/sh Stéphane Lesimple 2026-06-05 09:32:34 +0000
  • 7c5444fa92
         use the validate_proxy_params() helper everywhere we need to read/split/validate jumphost proxy info Stéphane Lesimple 2026-06-05 09:31:50 +0000
  • 61032fb5f5
         also apply the (forbidden|allowed)Networks and ingressToEgressRules to the proxyjump host Stéphane Lesimple 2026-06-03 12:38:08 +0000
  • 543c4d69b3
         feat: make the complete ttyrec file path configurable and via-aware Stéphane Lesimple 2026-06-03 12:12:36 +0000
  • c85013555c
         proxyjump: build ssh options through a shared helper Stéphane Lesimple 2026-06-02 15:14:22 +0000
  • b2f08f9924
         sql schema update: wrap DDL in a sqlite transaction Stéphane Lesimple 2026-06-05 09:25:53 +0000
  • 41a83e8d0f
         fix: sql log: inverted proxy ip/host in insert Stéphane Lesimple 2026-06-02 14:21:19 +0000
  • c558c52e6e
         fix: allowdeny: proxy IP and port must both be defined to be considered Stéphane Lesimple 2026-06-02 14:20:55 +0000
  • 334e6cb1cb
         fix: simplify more checks wanted variables jon4hz 2026-02-10 16:46:35 +0100
  • a647b285b4
         fix: simplify checks wanted variables Jonah 2026-02-10 16:40:48 +0100
  • 358c81a887
         fix: use logical or when checking for mandatory params Jonah 2026-02-10 16:38:22 +0100
  • 2453472edc
         fix: move proxy option check out of loop jon4hz 2026-02-10 16:34:51 +0100
  • f786737f92
         fix: improve error handling in proxy validation subroutine jon4hz 2026-02-10 14:19:20 +0100
  • a47115058f
         fix: use proxyIp and not proxyHost jon4hz 2026-02-10 14:18:32 +0100
  • 6328391cd8
         chore: fix tests with proxyjump feature opt-in jon4hz 2026-02-10 11:53:56 +0100
  • 809a1a2c9b
         chore: perl tidy jon4hz 2026-01-22 15:04:45 +0100
  • 4381aa1598
         feat: make proxyJump and opt-in feature jon4hz 2026-01-22 15:03:31 +0100
  • f6b7f78c3e
         fix: placement of proxyUser option jon4hz 2026-01-22 13:14:10 +0100
  • 3a35ba64ad
         fix: consistent flag naming in selfListSessions jon4hz 2026-01-22 13:13:11 +0100
  • daeb10ac9d
         fix: correctly check json output Jonah 2026-01-22 11:30:53 +0100
  • c60ea9fdb8
         chore: add missing closing bracket Jonah 2026-01-22 11:30:25 +0100
  • 6347a4b1c4
         Revert "fix: use quotemeta to join command parts" jon4hz 2026-01-22 11:26:20 +0100
  • 7c87e51fba
         fix: only check for valid ip in acl check jon4hz 2026-01-22 10:48:25 +0100
  • 14a6c614fe
         fix: proxyIP can't be a subnet Jonah 2026-01-22 10:43:58 +0100
  • dad345c9ce
         fix: use quotemeta to join command parts Jonah 2026-01-22 10:40:12 +0100
  • 8ae989ae11
         fix: remove unneccessary osh_command check Jonah 2026-01-22 10:39:01 +0100
  • 2faacb0547
         fix: move proxy parsing to mosh and improve exit codes jon4hz 2026-01-22 10:37:40 +0100
  • 05207ca921
         chore: fix perlcritic warnings jon4hz 2025-12-04 11:23:19 +0100
  • e2b8a622dd
         fix: handle proxy options correctly when deleting accesses jon4hz 2025-11-13 19:37:00 +0100
  • 73b65a7a8a
         refactor: function to validate proxy options jon4hz 2025-11-06 22:51:14 +0100
  • bac4a3ef5d
         chore: autocompletions jon4hz 2025-11-06 22:24:35 +0100
  • 70a6989ce2
         fix: add ignoreProxyUser to is_access_granted jon4hz 2025-11-06 21:52:31 +0100
  • 250fc5d084
         feat: whoHasAccessTo can now check for proxy info jon4hz 2025-11-06 21:47:37 +0100
  • 1eee3e8e0e
         fix: only set proxyPort default value if proxyJump is defined jon4hz 2025-11-06 21:39:26 +0100
  • 425eb36f09
         feat: log proxy info jon4hz 2025-11-06 21:30:58 +0100
  • 99553c1fd6
         fix: include proxy info in ttyrec filename jon4hz 2025-11-05 23:38:30 +0100
  • 2670b6c9ba
         feat: proxy support for guest accesses jon4hz 2025-11-05 21:47:04 +0100
  • 600927a158
         chore: improve log output jon4hz 2025-11-05 21:15:48 +0100
  • 739f08c4de
         revert: scp parameter is still necessary jon4hz 2025-11-05 21:14:00 +0100
  • 3756a88434
         chore: run perl tidy jon4hz 2025-11-05 20:57:23 +0100
  • 5f7270d99d
         fix: correct proxy info if proxyUser is defined jon4hz 2025-11-05 20:55:51 +0100
  • 8c02971430
         fix: support proxyUser in protocol access jon4hz 2025-11-04 23:37:56 +0100
  • f4393530d4
         chore: remove unused env vars jon4hz 2025-11-04 23:32:45 +0100
  • 02eeacb242
         feat: add proxy-user parameter jon4hz 2025-11-03 22:31:11 +0100
  • 81bb17c4b8
         fix: remove unnecessary scp parameter jon4hz 2025-11-03 19:55:28 +0100
  • 035dac4734
         fix: use delete to clear env var jon4hz 2025-10-30 01:31:16 +0100
  • 1198341c7d
         chore: more tests jon4hz 2025-10-30 01:14:13 +0100
  • 32824d228b
         fix: correct proxy parameter in groupAddServer helper jon4hz 2025-10-29 16:08:42 +0100
  • 5ad78d7146
         fix: return proxyIP and proxyPort in json output jon4hz 2025-10-29 10:54:07 +0100
  • 3d44f630bb
         fix: handle proxy connection in access test jon4hz 2025-10-27 21:35:42 +0100
  • 314379466b
         fix: reset proxy connection env var jon4hz 2025-10-27 21:34:26 +0100
  • 92390e610f
         fix: handle access check correctly with proxy options jon4hz 2025-10-10 16:33:37 +0200
  • 961e823128
         chore: run perl tidy jon4hz 2025-10-08 15:20:01 +0200
  • 2eb76c89a6
         chore: adjust machine display to include proxy info jon4hz 2025-10-08 15:19:52 +0200
  • a03f8258fd
         feat(scp): support proxyjump jon4hz 2025-10-08 15:16:35 +0200