Enable or disable password storage

2016-11-23 12:25:46 +00:00 · 2016-11-23 12:25:46 +00:00 · 1b0820bf46
parent 5ff2e50dfe
commit 1b0820bf46
2 changed files with 22 additions and 10 deletions
--- a/src/freedombone-pass
+++ b/src/freedombone-pass
@ -160,6 +160,13 @@ do
        -c|--clear|--erase)
            clear_passwords
            ;;
+        -e|--enable)
+            shift
+            if [ -f $NO_PASSWORD_STORE_FILE ]; then
+                rm $NO_PASSWORD_STORE_FILE
+                echo $'Password storage has been enabled'
+            fi
+            ;;
        -u|--user|--username)
            shift
            CURR_USERNAME="${1}"
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@ -685,19 +685,24 @@ function remove_pinning {
    esac
 }

-function clear_passwords {
-    dialog --title $"Clear Passwords" \
+function store_passwords {
+    dialog --title $"Store Passwords" \
           --backtitle $"Freedombone Security Configuration" \
-           --defaultno \
-           --yesno $"\nThis will remove all user passwords from the system. Are you sure that you want to do this?" 8 60
+           --yesno $"\nDo you wish to store passwords on the system? Stored passwords are convenient but carry some additional security risk." 10 60
    sel=$?
    case $sel in
-        1) return;;
+        0)
+            ${PROJECT_NAME}-pass --enable yes
+            return
+            ;;
+        1)
+            ${PROJECT_NAME}-pass --clear yes
+            dialog --title $"Passwords were removed and will not be stored" \
+                   --msgbox $"\nFor the best security you should now manually change passwords via web interfaces so that there is no possibility of them being recovered from the disk" 9 60
+            return
+            ;;
        255) return;;
    esac
-    ${PROJECT_NAME}-pass --clear yes
-    dialog --title $"Passwords were removed" \
-           --msgbox $"\nFor the best security you should now manually change passwords via web interfaces so that there is no possibility of them being recovered from the disk" 9 60
 }

 function menu_security_settings {
@ -707,7 +712,7 @@ function menu_security_settings {
           --title $"Security Settings" \
           --radiolist $"Choose an operation:" 18 76 18 \
           1 $"Show ssh host public key" off \
-           2 $"Clear password store" off \
+           2 $"Password storage" off \
           3 $"Regenerate ssh host keys" off \
           4 $"Regenerate Diffie-Hellman keys" off \
           5 $"Update cipersuite" off \
@ -744,7 +749,7 @@ function menu_security_settings {
            exit 0
            ;;
        2)
-            clear_passwords
+            store_passwords
            exit 0
            ;;
        3)