From 75d6de301b071398ade99bb5570eecf2d7fa36f6 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 5 Aug 2017 10:00:34 +0100
Subject: [PATCH] Menu option to fix stig test failures
---
src/freedombone-sec | 64 +++++++++++++++++++++++++--------------------
1 file changed, 36 insertions(+), 28 deletions(-)
diff --git a/src/freedombone-sec b/src/freedombone-sec
index 4f1608fb3..1266d9313 100755
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -969,22 +969,23 @@ function menu_security_settings {
trap "rm -f $data" 0 1 2 5 15
dialog --backtitle $"Freedombone Control Panel" \
--title $"Security Settings" \
- --radiolist $"Choose an operation:" 22 76 22 \
+ --radiolist $"Choose an operation:" 23 76 23 \
1 $"Run STIG tests" off \
- 2 $"Show ssh host public key" off \
- 3 $"Tor bridges" off \
- 4 $"Password storage" off \
- 5 $"Export passwords" off \
- 6 $"Regenerate ssh host keys" off \
- 7 $"Regenerate Diffie-Hellman keys" off \
- 8 $"Update cipersuite" off \
- 9 $"Create a new Let's Encrypt certificate" off \
- 10 $"Renew Let's Encrypt certificate" off \
- 11 $"Delete a Let's Encrypt certificate" off \
- 12 $"Enable GPG based authentication (monkeysphere)" off \
- 13 $"Register a website with monkeysphere" off \
- 14 $"Allow ssh login with passwords" off \
- 15 $"Go Back/Exit" on 2> $data
+ 2 $"Fix STIG test failures" off \
+ 3 $"Show ssh host public key" off \
+ 4 $"Tor bridges" off \
+ 5 $"Password storage" off \
+ 6 $"Export passwords" off \
+ 7 $"Regenerate ssh host keys" off \
+ 8 $"Regenerate Diffie-Hellman keys" off \
+ 9 $"Update cipersuite" off \
+ 10 $"Create a new Let's Encrypt certificate" off \
+ 11 $"Renew Let's Encrypt certificate" off \
+ 12 $"Delete a Let's Encrypt certificate" off \
+ 13 $"Enable GPG based authentication (monkeysphere)" off \
+ 14 $"Register a website with monkeysphere" off \
+ 15 $"Allow ssh login with passwords" off \
+ 16 $"Go Back/Exit" on 2> $data
sel=$?
case $sel in
1) exit 1;;
@@ -1014,53 +1015,60 @@ function menu_security_settings {
exit 0
;;
2)
+ clear
+ echo $'Fixing any STIG failures...'
+ echo ''
+ ${PROJECT_NAME}-tests --stig fix
+ exit 0
+ ;;
+ 3)
dialog --title $"SSH host public keys" \
--msgbox "\n$(get_ssh_server_key)" 12 60
exit 0
;;
- 3)
+ 4)
menu_tor_bridges
exit 0
;;
- 4)
+ 5)
store_passwords
exit 0
;;
- 5)
+ 6)
export_passwords
exit 0
;;
- 6)
+ 7)
regenerate_ssh_host_keys
;;
- 7)
+ 8)
regenerate_dh_keys
;;
- 8)
+ 9)
interactive_setup
update_ciphersuite
;;
- 9)
+ 10)
create_letsencrypt
;;
- 10)
+ 11)
renew_letsencrypt
;;
- 11)
+ 12)
delete_letsencrypt
;;
- 12)
+ 13)
enable_monkeysphere
;;
- 13)
+ 14)
register_website
;;
- 14)
+ 15)
allow_ssh_passwords
change_ssh_settings
exit 0
;;
- 15)
+ 16)
exit 0
;;
esac
--
GitLab