From 1b0820bf46de88b9f8c7026c434d8e0852fe026a Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 23 Nov 2016 12:25:46 +0000 Subject: [PATCH] Enable or disable password storage --- src/freedombone-pass | 7 +++++++ src/freedombone-sec | 25 +++++++++++++++---------- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/src/freedombone-pass b/src/freedombone-pass index 1626e4ef..2f9a2838 100755 --- a/src/freedombone-pass +++ b/src/freedombone-pass @@ -160,6 +160,13 @@ do -c|--clear|--erase) clear_passwords ;; + -e|--enable) + shift + if [ -f $NO_PASSWORD_STORE_FILE ]; then + rm $NO_PASSWORD_STORE_FILE + echo $'Password storage has been enabled' + fi + ;; -u|--user|--username) shift CURR_USERNAME="${1}" diff --git a/src/freedombone-sec b/src/freedombone-sec index e781849b..ad5eae5d 100755 --- a/src/freedombone-sec +++ b/src/freedombone-sec @@ -685,19 +685,24 @@ function remove_pinning { esac } -function clear_passwords { - dialog --title $"Clear Passwords" \ +function store_passwords { + dialog --title $"Store Passwords" \ --backtitle $"Freedombone Security Configuration" \ - --defaultno \ - --yesno $"\nThis will remove all user passwords from the system. Are you sure that you want to do this?" 8 60 + --yesno $"\nDo you wish to store passwords on the system? Stored passwords are convenient but carry some additional security risk." 10 60 sel=$? case $sel in - 1) return;; + 0) + ${PROJECT_NAME}-pass --enable yes + return + ;; + 1) + ${PROJECT_NAME}-pass --clear yes + dialog --title $"Passwords were removed and will not be stored" \ + --msgbox $"\nFor the best security you should now manually change passwords via web interfaces so that there is no possibility of them being recovered from the disk" 9 60 + return + ;; 255) return;; esac - ${PROJECT_NAME}-pass --clear yes - dialog --title $"Passwords were removed" \ - --msgbox $"\nFor the best security you should now manually change passwords via web interfaces so that there is no possibility of them being recovered from the disk" 9 60 } function menu_security_settings { @@ -707,7 +712,7 @@ function menu_security_settings { --title $"Security Settings" \ --radiolist $"Choose an operation:" 18 76 18 \ 1 $"Show ssh host public key" off \ - 2 $"Clear password store" off \ + 2 $"Password storage" off \ 3 $"Regenerate ssh host keys" off \ 4 $"Regenerate Diffie-Hellman keys" off \ 5 $"Update cipersuite" off \ @@ -744,7 +749,7 @@ function menu_security_settings { exit 0 ;; 2) - clear_passwords + store_passwords exit 0 ;; 3)