Additional security guidance

2016-11-23 12:52:09 +00:00 · 2016-11-23 12:52:09 +00:00 · 93383ded9d
parent ba3be6aab5
commit 93383ded9d
1 changed files with 16 additions and 1 deletions
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@ -692,7 +692,22 @@ function store_passwords {
    sel=$?
    case $sel in
        0)
-            ${PROJECT_NAME}-pass --enable yes
+            if [ -f /root/.nostore ]; then
+                read_config_param "MY_USERNAME"
+                if [ ! -f /home/$MY_USERNAME/.ssh/authorized_keys ]; then
+                    dialog --title $"Store Passwords" \
+                           --msgbox $"\nYou should first enable key based ssh login to improve security" 8 60
+                    return
+                fi
+                if [[ $SSH_PASSWORDS == 'yes' ]]; then
+                    dialog --title $"Store Passwords" \
+                           --msgbox $"\nYou should disable ssh passwords to improve security" 8 60
+                    return
+                fi
+                ${PROJECT_NAME}-pass --enable yes
+                dialog --title $"Store Passwords" \
+                       --msgbox $"\nUser passwords will now be stored on the system" 8 60
+            fi
            return
            ;;
        1)