KNEL/KNELServerBuild
2
0
Fork 0
Code Pull Requests Actions Packages Releases 1 Activity
248 Commits 1 Branch 1 Tag
495d0bb03b38fb6a63f41a00116890e405d79d60
Commit Graph

46 Commits

Author SHA1 Message Date
mrcharles 7a7d23f36c . 2025-07-14 12:42:22 -05:00
mrcharles f9f32612bb . 2025-07-14 12:37:04 -05:00
mrcharles 09063bfee4 case matters... 2025-07-14 12:36:03 -05:00
mrcharles 5bbaff89e9 refactored to use vendored shell framework. lets test. 2025-07-14 12:34:33 -05:00
mrcharles a710fc7b4e removed debugging bits 2025-07-14 11:04:21 -05:00
mrcharles c6e458de8b . 2025-07-14 11:03:08 -05:00
mrcharles e31bab4162 . 2025-07-14 11:01:19 -05:00
mrcharles 86740b8c7d . 2025-07-14 10:59:32 -05:00
mrcharles f585f90b7f . 2025-07-14 10:55:54 -05:00
mrcharles 24c10b6f35 it hallucinated print_header 2025-07-14 10:50:42 -05:00
mrcharles 634a998d7e testing 2025-07-14 10:48:59 -05:00
mrcharles a632e7d514 Implement comprehensive two-factor authentication for SSH and web services 
- Complete rewrite of secharden-2fa.sh with full 2FA implementation
- SSH 2FA using Google Authenticator with publickey + TOTP authentication
- Cockpit web interface 2FA with custom PAM configuration
- Webmin 2FA support with automatic detection and configuration
- User setup automation with QR codes and backup codes generation
- Gradual rollout support using nullok for phased deployment
- Automatic configuration backup and restore procedures
- Add 2fa-validation.sh security test for comprehensive validation
- Create TSYS-2FA-GUIDE.md with complete implementation documentation
- Add DEVELOPMENT-GUIDELINES.md with coding standards and best practices
- Optimize package installation with single apt-get commands for performance

The 2FA implementation provides enterprise-grade security while maintaining
usability and proper emergency access procedures. Includes comprehensive
testing, documentation, and follows established security best practices.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-07-14 10:23:07 -05:00
mrcharles 6609d7d9e3 sigh. 2025-07-11 11:52:28 -05:00
mrcharles 0588b2dd60 ifdev for dev boxes, they have less hardened ssh config because vscode remote etc 2025-07-11 11:48:53 -05:00
mrcharles f2dc2ce29e automation. no prompts! 2025-07-02 18:52:43 -05:00
mrcharles d1ef7118d5 debian fails... let's see if this fixes it. 2025-07-02 18:47:21 -05:00
mrcharles 160d1b26cc fixed in ubuntu. will test on debian next. 2025-07-02 18:44:46 -05:00
mrcharles ce5bb0be6f . 2025-07-02 18:43:18 -05:00
mrcharles ce1bf7d220 i think this is right... 2025-07-02 18:41:58 -05:00
mrcharles 0175a00458 got to handle the other condition... 2025-07-02 18:25:31 -05:00
mrcharles 0f52d19229 remove debugging 2025-07-02 18:21:56 -05:00
mrcharles 0937036155 had inverse logic. fixed. still shouldn't have caused script to error though... hmm... 2025-07-02 18:15:03 -05:00
mrcharles 02a874f713 . 2025-07-02 18:10:47 -05:00
mrcharles 259a4f07b7 got further . hmm... 2025-07-02 18:09:06 -05:00
mrcharles f06d8b1fe5 ok. i think this is the last of the regressions. 2025-07-02 18:06:26 -05:00
mrcharles d76613c0dc . 2025-07-02 18:00:01 -05:00
mrcharles 5deaecd79f . 2025-07-02 17:57:44 -05:00
mrcharles c58c3f116e . 2025-07-02 17:55:56 -05:00
mrcharles e4e1c66111 . 2025-07-02 17:52:14 -05:00
mrcharles d60c03b116 some more resillience 2025-07-02 17:45:56 -05:00
mrcharles 6cdc7bbba7 this code is going to be quite resillient when done.. 2025-07-02 17:43:17 -05:00
mrcharles 197d8e2d27 ubuntu bug workaround 2025-07-02 12:23:31 -05:00
mrcharles 7457db098f . 2025-07-02 08:15:55 -05:00
mrcharles 109acf07be . 2025-07-02 08:14:06 -05:00
mrcharles 86cded93c5 . 2025-07-02 08:11:26 -05:00
mrcharles ce45ec1684 . 2025-07-02 08:08:16 -05:00
mrcharles 15074a99f4 . 2025-07-02 08:07:45 -05:00
mrcharles 982389fb63 . 2025-07-02 07:56:53 -05:00
mrcharles ede6aa0562 no more curl 2025-07-02 07:54:13 -05:00
mrcharles 89ac84c4e1 final bits of security hardening as i pivot back to finishing monitoring/alerting OAM bits. next week will be all the security. 2025-07-02 07:46:55 -05:00
mrcharles 5eb2f6b3d5 path issues again. 2025-07-02 07:43:59 -05:00
mrcharles a38eac2e77 more path fixes 2025-07-01 20:09:49 -05:00
mrcharles 80dd021217 found a bug 2025-07-01 20:00:53 -05:00
mrcharles 0773dcb372 . 2025-06-30 13:30:35 -05:00
mrcharles 6e6a57f61b D.R.Y. 2025-06-30 13:28:13 -05:00
mrcharles d82c8733fa re-factoring into my shell script framework. 
shifting away from invoking via curl and using a downloaded zip file or git clone.
 2025-06-30 13:07:25 -05:00