free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,745 Commits 5 Branches 0 Tags 125 MiB
Commit Graph

3889 Commits

Author SHA1 Message Date
Bob Mottram 6b4dba4771 Disable rds 2016-11-30 17:21:22 +00:00
Bob Mottram 21a3edf51a Disable sctp 2016-11-30 17:18:22 +00:00
Bob Mottram c9f6fbd54f Disable dccp 2016-11-30 17:15:43 +00:00
Bob Mottram 82a57bc41c Don't accept redirects 2016-11-30 17:04:56 +00:00
Bob Mottram b9ad7e57a3 ipv6 can be used 2016-11-30 16:26:05 +00:00
Bob Mottram b399c50c26 More ip rules 2016-11-30 16:18:40 +00:00
Bob Mottram 23f67f2426 Checking for ctrl-alt-del link 2016-11-30 15:43:31 +00:00
Bob Mottram 73316797e3 Change rule to exclude nonexistent directory 2016-11-30 14:38:28 +00:00
Bob Mottram 8dfaa5d981 irc user directory 2016-11-30 14:25:27 +00:00
Bob Mottram 01c8ac8b60 Passwords are usually random so this doesn't apply 2016-11-30 14:00:44 +00:00
Bob Mottram f45f281dd4 Set lychee permissions 2016-11-30 13:55:41 +00:00
Bob Mottram 6090d6c84c Permission on tox node keys 2016-11-30 13:51:03 +00:00
Bob Mottram 5c79c584fc Set sticky bits 2016-11-30 13:40:17 +00:00
Bob Mottram 3f58fc17d2 exim/procmail command permissions 2016-11-30 13:12:15 +00:00
Bob Mottram b97ec3892b Dummy nologin command 
To fix STIG error
 2016-11-30 10:30:56 +00:00
Bob Mottram 7e9f249e11 radicale user directory 2016-11-30 10:23:58 +00:00
Bob Mottram 466dec4d89 Change function name 2016-11-30 09:41:56 +00:00
Bob Mottram c4de2e86d2 Add and remove groups when for users 2016-11-30 09:40:10 +00:00
Bob Mottram e51e1a9ce2 Help option 2016-11-30 09:36:12 +00:00
Bob Mottram 396b202982 Disable core dumps 2016-11-29 23:19:31 +00:00
Bob Mottram a76a4d22f9 Disk encryption is optional 2016-11-29 23:13:36 +00:00
Bob Mottram a25037f226 Firewall drops forwards 2016-11-29 23:10:55 +00:00
Bob Mottram 4eced972fd Install screen to enable console locking 2016-11-29 22:39:29 +00:00
Bob Mottram 83ef278c13 Done via control panel 2016-11-29 22:13:03 +00:00
Bob Mottram 4a4fd7899f root mail 2016-11-29 22:12:02 +00:00
Bob Mottram f6fd2111e7 Ensure permissions on freedombone commands 2016-11-29 21:49:40 +00:00
Bob Mottram 9749cb43ce sudo permissions 2016-11-29 21:17:52 +00:00
Bob Mottram 11899c9904 Set command file permissions 2016-11-29 20:49:11 +00:00
Bob Mottram 8e9933725d Remove logins via serial console 2016-11-29 20:34:29 +00:00
Bob Mottram 7a66ad8571 Use tripwire 2016-11-29 20:17:00 +00:00
Bob Mottram 2fb341b487 In most cases the boot loader isn't grub 2016-11-29 19:34:24 +00:00
Bob Mottram 35d789f133 Limit the number of user logins 2016-11-29 19:30:36 +00:00
Bob Mottram c24e7a4d0c Reset user password tries from the control panel 2016-11-29 19:12:17 +00:00
Bob Mottram a686f2401c Limit number of login attempts 2016-11-29 18:10:27 +00:00
Bob Mottram b8b0637e13 Set maximum login attempts 2016-11-29 16:31:07 +00:00
Bob Mottram 5e7a01f193 Not applicable for random passwords 2016-11-29 15:36:46 +00:00
Bob Mottram f9d646cb31 Not applicable to random passwords 2016-11-29 15:34:51 +00:00
Bob Mottram de1eb3fe2c Passwords are randomly generated 2016-11-29 15:34:12 +00:00
Bob Mottram d6323eeaa8 Doesn't apply with this system 2016-11-29 15:32:56 +00:00
Bob Mottram f20c6aebf3 Ignore bogons 2016-11-29 15:31:50 +00:00
Bob Mottram e1a352919f No permissions on shadow most of the time 2016-11-29 15:00:40 +00:00
Bob Mottram 4b81fde030 Alter permissions when adding and removing users 2016-11-29 14:42:27 +00:00
Bob Mottram 0d568644e0 Set shadow permissions 2016-11-29 14:31:54 +00:00
Bob Mottram 63821d3c21 Disable deferred execution 2016-11-29 13:53:16 +00:00
Bob Mottram a3e4aaa57b Removing x11-common would remove some essential stuff, including emacs 2016-11-29 13:36:20 +00:00
Bob Mottram f5b3393a3b Set login umask 2016-11-29 13:31:36 +00:00
Bob Mottram 4add2899d7 Don't use postfix 2016-11-29 13:18:46 +00:00
Bob Mottram 4d0e030130 Disable nfs insecure locks 2016-11-29 13:16:53 +00:00
Bob Mottram e5b04a2d1f Don't lock inactive accounts 2016-11-29 13:07:47 +00:00
Bob Mottram cb87c06f90 Remove bluetooth 2016-11-29 13:01:00 +00:00
Bob Mottram bc6f387506 Don't disable avahi 2016-11-29 12:42:01 +00:00
Bob Mottram aa38f141c6 Not using postfix 2016-11-29 12:40:02 +00:00
Bob Mottram 1f0ac1f3ce Security Technical Implementation Guide tests based upon RHEL/hardenedlinux 2016-11-29 12:37:48 +00:00
Bob Mottram fccdf73c0f Quote 2016-11-28 19:23:41 +00:00
Bob Mottram 01cbac1123 Reconfigure exim 2016-11-28 14:38:52 +00:00
Bob Mottram dca0cb9b1b Default logging to 'no' 2016-11-28 14:05:30 +00:00
Bob Mottram 1c7b22ea1a Control exim logging 2016-11-28 14:03:49 +00:00
Bob Mottram ac5f91b6b6 Control exim logging 2016-11-28 13:41:31 +00:00
Bob Mottram 3cb446107a v2.00 2016-11-24 21:57:17 +00:00
Bob Mottram 8699d8940c Don't check postactiv daemons 2016-11-24 18:54:12 +00:00
Bob Mottram 4ea2433d3d Don't include commits as variables, since this makes upgrades hard 2016-11-24 18:37:10 +00:00
Bob Mottram b90a0038e3 Bump postactiv commit 2016-11-24 18:12:44 +00:00
Bob Mottram 2784666962 Remove on failure 2016-11-24 15:44:37 +00:00
Bob Mottram e671e97c29 Remove on failure 2016-11-24 15:43:35 +00:00
Bob Mottram dda45dc829 Try different postactiv commit 2016-11-24 15:41:03 +00:00
Bob Mottram ecef9b8229 Use project name variable 2016-11-24 14:35:28 +00:00
Bob Mottram d57e05f2f9 Include the option to format the drive during password export 2016-11-24 14:32:37 +00:00
Bob Mottram 2133adc407 Get app name 2016-11-24 14:17:40 +00:00
Bob Mottram d37e93f69b No spaces 2016-11-24 13:50:01 +00:00
Bob Mottram ea1227fbac Don't need any key 2016-11-24 13:46:20 +00:00
Bob Mottram 3fb6d9d109 Security menu option to export passwords 2016-11-24 13:44:42 +00:00
Bob Mottram 11fcfafb3b Export passwords to keepass 2016-11-24 13:08:19 +00:00
Bob Mottram 90ec8c21f0 Fix marge conflicts 2016-11-24 11:09:15 +00:00
Bob Mottram bd74ed4be5 Switch to using master branch for installs and upgrades 2016-11-24 10:50:25 +00:00
Bob Mottram 851d44c5be Merge stockholm 2016-11-24 10:44:30 +00:00
Bob Mottram a12bde8c89 Change client advice, based on the control panel 2016-11-23 20:22:20 +00:00
Bob Mottram 413c6a40d3 Option to verify the ssh server public key 2016-11-23 14:56:11 +00:00
Bob Mottram 968462e120 Change the wording if not storing passwords 2016-11-23 13:38:06 +00:00
Bob Mottram 93383ded9d Additional security guidance 2016-11-23 12:52:09 +00:00
Bob Mottram ba3be6aab5 Allow password storage for root 
So that local database backups are unaffected
 2016-11-23 12:38:07 +00:00
Bob Mottram 98ed130c1b Backup and restore password storage state 2016-11-23 12:36:01 +00:00
Bob Mottram 1b0820bf46 Enable or disable password storage 2016-11-23 12:25:46 +00:00
Bob Mottram 5ff2e50dfe Don't store future passwords after store 2016-11-23 12:17:47 +00:00
Bob Mottram bb7f71eedc Exit after clear 2016-11-23 09:42:26 +00:00
Bob Mottram c2b2a8e332 Exit after clear 2016-11-23 09:39:29 +00:00
Bob Mottram 075909f522 Option to clear stored passwords 2016-11-23 09:34:45 +00:00
Bob Mottram 4d2092d502 Alignment 2016-11-23 00:00:06 +00:00
Bob Mottram 0b505b97c8 Plural 2016-11-22 23:58:49 +00:00
Bob Mottram 7f3c96e9e6 Remove equals 2016-11-22 23:57:25 +00:00
Bob Mottram a8bc2b5906 Alignment 2016-11-22 23:55:08 +00:00
Bob Mottram e2a8677fbd Alignment 2016-11-22 23:53:51 +00:00
Bob Mottram a64644181f Show sha256 ssh kost key hashes 2016-11-22 23:52:33 +00:00
Bob Mottram 5cc61278d5 Show ssh public key on about screen 2016-11-22 23:28:27 +00:00
Bob Mottram 656c311843 Format 2016-11-22 23:24:19 +00:00
Bob Mottram 341d7b2a92 Dialog width 2016-11-22 23:22:48 +00:00
Bob Mottram 0e89b1f01c Turn off logging at the very end of installation 2016-11-22 23:03:55 +00:00
Bob Mottram db76d2b45b Show the ssh server public key at the end of installation 2016-11-22 23:01:47 +00:00
Bob Mottram 9c2c644310 Allow verification of the ssh host key 2016-11-22 22:57:43 +00:00
Bob Mottram 4bc84ba060 Change postactiv repo 2016-11-22 21:52:17 +00:00
Bob Mottram d30773b877 Update database backup to using password manager 2016-11-22 11:17:17 +00:00
Bob Mottram 6a176f021e Permissions and certs for prosody 2016-11-22 11:02:50 +00:00
Bob Mottram 1a3b57b0f0 Comment out the second ports entry for onion only installs 2016-11-21 23:33:46 +00:00
Bob Mottram 06231fda94 Permissions on etherpad settings 2016-11-21 19:12:35 +00:00
Bob Mottram 0503e12b0d irc config only readable by root 2016-11-21 19:06:43 +00:00
Bob Mottram d60d106deb Show returned password on failure 2016-11-21 18:19:32 +00:00
Bob Mottram 45a8e47395 Check padded length 2016-11-21 18:17:19 +00:00
Bob Mottram 1a4f56f444 shift 2016-11-21 18:15:17 +00:00
Bob Mottram f4c776bdf5 Formatting 2016-11-21 18:13:41 +00:00
Bob Mottram 801e0569fd Leading and trailing padding on stored passwords 
To ensure that identical passwords have differing cyphertext
 2016-11-21 18:11:50 +00:00
Bob Mottram ebd37f392c Tidying 2016-11-21 16:00:20 +00:00
Bob Mottram 5726498f58 Store the password not the hash 2016-11-21 14:57:10 +00:00
Bob Mottram ef0b5366de Hash etherpad passwords 2016-11-21 14:54:57 +00:00
Bob Mottram dffea8f52c Tidying 2016-11-21 14:19:57 +00:00
Bob Mottram 7bc9089801 Migrate database password on repair script 2016-11-21 12:22:27 +00:00
Bob Mottram 9b4ed83e28 mcrypt dependency 2016-11-21 11:29:44 +00:00
Bob Mottram 292b8adae3 mcrypt dependency 2016-11-21 11:26:17 +00:00
Bob Mottram aa2670f86e Allow root user 2016-11-21 10:53:44 +00:00
Bob Mottram d27efc5dba Tidying 2016-11-21 10:51:48 +00:00
Bob Mottram 24e7f3b972 No full stop to make copying easier 2016-11-21 10:37:55 +00:00
Bob Mottram dca7d10cad Tidying 2016-11-21 10:36:09 +00:00
Bob Mottram 1ae076f81b Handle mobile onion address 2016-11-21 10:29:29 +00:00
Bob Mottram 361742f564 Show domains with password 2016-11-21 10:20:30 +00:00
Bob Mottram c26f366e31 Better handling of toxcore logging 2016-11-20 23:28:15 +00:00
Bob Mottram 130393d2a5 Try to avoid problems when logged in via onion address 2016-11-20 23:23:28 +00:00
Bob Mottram d9bde6c928 logging must be on for toxcore installation 2016-11-20 23:18:08 +00:00
Bob Mottram 4646670138 tor log ownership 2016-11-20 22:31:53 +00:00
Bob Mottram 1b72fc896d Configure avahi on regular client installs 2016-11-20 22:12:49 +00:00
Bob Mottram 47f0beb9bf Create tor log 2016-11-20 22:02:46 +00:00
Bob Mottram c2f00aed9f restart tor when changing logging 2016-11-20 21:55:38 +00:00
Bob Mottram 812f5db8fb reload tor first 2016-11-20 21:42:42 +00:00
Bob Mottram d5f6748ca1 Standardise headers and unselect everything except an editor by default 2016-11-20 21:14:37 +00:00
Bob Mottram 993c0da24c Move database password to the password store 2016-11-20 20:39:14 +00:00
Bob Mottram e960e983ec quotes 2016-11-20 19:06:25 +00:00
Bob Mottram 9e33923521 Formatting 2016-11-20 18:38:42 +00:00
Bob Mottram 2ee1b25c78 Lychee setup advice 2016-11-20 18:37:17 +00:00
Bob Mottram 75c5351cca Wording 2016-11-20 18:20:17 +00:00
Bob Mottram 18ce7ad4e3 Dimenstions 2016-11-20 18:19:01 +00:00
Bob Mottram 491cecf884 Advice for copying bootstrap ID 2016-11-20 18:18:01 +00:00
Bob Mottram 8674bb7faa Show tox bootstrap ID 2016-11-20 17:59:58 +00:00
Bob Mottram 62b689667d Remove any previous freedombone avahi entries from known hosts 2016-11-20 17:37:37 +00:00
Bob Mottram 5a22bc4785 Don't use readme for user registrations 2016-11-20 15:21:54 +00:00
Bob Mottram 3ead78b4f8 Dokuwiki updates password store 2016-11-20 15:02:59 +00:00
Bob Mottram 51eeef0630 Adding and removing dokuwiki users 2016-11-20 14:21:11 +00:00
Bob Mottram 232cb7fbf0 Changing the dokuwki password 2016-11-20 14:15:52 +00:00
Bob Mottram 082e151a35 gpgit repo has moved 2016-11-20 13:42:10 +00:00
Bob Mottram 03f4d60580 Quotes 2016-11-20 13:15:30 +00:00
Bob Mottram d4fcc3420e Move the mumble global password into the password manager 2016-11-20 13:07:33 +00:00
Bob Mottram c53f44cddf Handling the global irc password 2016-11-20 12:49:06 +00:00
Bob Mottram b4971017c2 Changing app passwords 2016-11-20 12:37:13 +00:00
Bob Mottram 0147cadc53 xmpp password changes 2016-11-20 11:23:56 +00:00