StoredSafe 2.0: Generalhttps://tracker.storedsafe.com/https://tracker.storedsafe.com/favicon.ico?15768422422020-09-15T06:23:31ZStoredSafe
Redmine General: Release Notes 2.1.0https://tracker.storedsafe.com/boards/1/topics/222020-09-15T06:23:31ZFredrik Söderblom
<a name="StoredSafe-v210"></a>
<h1 >StoredSafe v2.1.0<a href="#StoredSafe-v210" class="wiki-anchor">¶</a></h1>
<p><strong>Release Notes</strong></p>
<p>Over 100 issues/tickets/feature requests has been taken care of.</p>
<a name="Security"></a>
<h3 >Security<a href="#Security" class="wiki-anchor">¶</a></h3>
<ul>
<li>Updates to the underlying OS.</li>
</ul>
<a name="GUI"></a>
<h3 >GUI<a href="#GUI" class="wiki-anchor">¶</a></h3>
<ul>
<li>New, fully responsive GUI, to assure good user experience on mobile platforms, as well as computers with various screen sizes.</li>
</ul>
<a name="Console"></a>
<h3 >Console<a href="#Console" class="wiki-anchor">¶</a></h3>
<ul>
<li>Support for bonding</li>
<li>System health (RAID, StoredSafe statistics etc) reported regulary back via the web UI</li>
<li>New licensing system, still gentleman's agreement, but makes</li>
</ul>
<a name="Plattform"></a>
<h3 >Plattform<a href="#Plattform" class="wiki-anchor">¶</a></h3>
<ul>
<li>CSR And Key-files generated and stored within your secure vault.</li>
<li>Updated REST functionality.</li>
<li>Audit log performance raised by 70%</li>
<li>New Information page showing some vital statusinformation and alarms.</li>
<li>Documentation updated (<a class="external" href="https://docs.storedsafe.com">https://docs.storedsafe.com</a> and <a class="external" href="https://developer.storedsafe.com">https://developer.storedsafe.com</a>)</li>
</ul> General: Release Notes 2.0.5https://tracker.storedsafe.com/boards/1/topics/182018-04-09T07:08:48ZRedmine Adminsupport@storedsafe.com
<a name="StoredSafe-v205"></a>
<h1 >StoredSafe v2.0.5<a href="#StoredSafe-v205" class="wiki-anchor">¶</a></h1>
<p><strong>Release Notes</strong></p>
<p>Finally again! Over 80 issues/tickets/requests has been taken care of.<br />The biggest change is that the we released support for TOTP based authentication for both the normal StoredSafe app but also for the 2FA module. There has also been a major overhaul of the OS with alot of changes under the hood in order to stay more current.</p>
<a name="Security"></a>
<h3 >Security<a href="#Security" class="wiki-anchor">¶</a></h3>
<p>• Patches patches and patches, not specifically to StoredSafe but the underlaying OS and such.<br />• TOTP 2FA for login and such. <br />• Improved and clearer shoulder-surfing protection (ESC key) <br />• Improved random harvesting in certain situations.<br />• FSP Tweaked.</p>
<a name="GUI"></a>
<h3 >GUI<a href="#GUI" class="wiki-anchor">¶</a></h3>
<p>• There is added functionality for audit logging.<br />• Files drag’n’drop now has a more logical colouring scheme<br />• New login tab for other methods, look for even more in a near future.<br />• Next release will most likely be a overhaul of the UI.<br />• Input improvements for the search dialogue.</p>
<a name="Console"></a>
<h3 >Console<a href="#Console" class="wiki-anchor">¶</a></h3>
<p>• Some minor tweaks and bugfixes.<br />• Rework for the new plattform.</p>
<a name="Plattform"></a>
<h3 >Plattform<a href="#Plattform" class="wiki-anchor">¶</a></h3>
<p>• Major changes, basically everything has changed, i do mean everything ranging from everyday binaries, kernels to systemd/dbus etc.</p>
<a name="2FA"></a>
<h3 >2FA<a href="#2FA" class="wiki-anchor">¶</a></h3>
<p>• TOTP.</p>
<a name="Fluffy-stuff"></a>
<h3 >Fluffy stuff<a href="#Fluffy-stuff" class="wiki-anchor">¶</a></h3>
<p>• Now availible as a Service, and soon as virtual appliance, contact sales for more information/details.</p> General: Release Notes 2.0.4https://tracker.storedsafe.com/boards/1/topics/172017-04-27T13:03:12ZPeter Norinpeter.norin@storedsafe.com
<a name="204"></a>
<h3 >2.0.4<a href="#204" class="wiki-anchor">¶</a></h3>
<p>Finally! This release has taken a bit longer than we would expect but there is a lot of changes. Over 100 issues/tickets/requests has been taken care of.<br />The biggest change is that the version 1.0 REST-like API is now in place. There is also much new stuff for the certificate module.<br />For sake of clarity and easier understanding what was once called a group is now called vault. <br />This does not change the behaviour at all but makes it clearer what it actually is, a group is a vault protecting its objects.</p>
<a name="Security"></a>
<h3 >Security<a href="#Security" class="wiki-anchor">¶</a></h3>
<p>• Patches patches and patches, not specifically to StoredSafe but the underlaying OS and such.<br />• CSP implemented.<br />• More tweaks for CSRF/XSS</p>
<a name="GUI"></a>
<h3 >GUI<a href="#GUI" class="wiki-anchor">¶</a></h3>
<p>• There is added functionality for audit logging.<br />• Files are now drag’n’drop instead of picker.<br />• Some wording in policies has been fixed to more accurately describe the actual policy.<br />• Fixed some login annoyance with stale sessions.</p>
<a name="Console"></a>
<h3 >Console<a href="#Console" class="wiki-anchor">¶</a></h3>
<p>• API keys can now be generated from the console for accessing the API.<br />• Added more space in the arrays for local firewall rules.<br />• There is now a undelete function for accidental delete of objects.<br />• Automated restore function.</p>
<a name="Plattform"></a>
<h3 >Plattform<a href="#Plattform" class="wiki-anchor">¶</a></h3>
<p>• The REST-Like API is here which means that you can use your favourite programming language to access the resources or write your own client of WEBUI. <br />We have some ideas for browser extensions that might pop up. Also there is some thoughts about Ansible/Puppet plugins, stay tuned. <br />• Logging has been improved. <br />• An embryo of PubSub has been implemented as our internal messaging system.<br />• New garbage collector for sessions.</p>
<a name="2FA"></a>
<h3 >2FA<a href="#2FA" class="wiki-anchor">¶</a></h3>
<p>• 2FA now correctly sends NAS-Identifier as attribute.<br />• Support for Multiple backends and failover between them.</p> General: Opensource Donationhttps://tracker.storedsafe.com/boards/1/topics/162016-05-12T13:50:44ZPeter Norinpeter.norin@storedsafe.com
<p>As promised we made a yearly donation to a opensource project of great importance to us.</p>
<p>This year the beneficiary will be GnuPG, keep up the good work!</p> General: Patch cycleshttps://tracker.storedsafe.com/boards/1/topics/132016-04-15T11:18:49ZPeter Norinpeter.norin@storedsafe.com
<p>We have decided to release batched current builds every week, this to satisfy customers need to keep update with current events.</p>
<p>files will be found under the files section.<br />Weekly builds should be used with caution since they are not extensively tested, however the only difference should be distro related patches.<br />Current is 2.0.3</p> General: RE: storedsafe as a validation server with pam_yubicohttps://tracker.storedsafe.com/boards/1/topics/9?r=10#message-102015-09-23T13:49:42ZFredrik Söderblom
<p>Are you using a fairly new version of pam_yubico? I think the newer versions of yubico-pam is using libykclient (<a class="external" href="https://github.com/Yubico/yubico-c-client">https://github.com/Yubico/yubico-c-client</a>), which adds, and checks, the nonce parameter.</p> General: storedsafe as a validation server with pam_yubicohttps://tracker.storedsafe.com/boards/1/topics/92015-09-23T09:07:40ZMarcus Pameliamarcus.pamelia@trioptima.com
<p>I want to use storedsafe as a validation server using pam_yubico, according to verify.php the nonce parameter is required and to me it seems pam_yubico doesn't support that. See <a class="external" href="https://github.com/Yubico/yubico-pam/blob/master/README">https://github.com/Yubico/yubico-pam/blob/master/README</a>.<br />Do you have any suggestions?</p> General: Release notes 2.0.3https://tracker.storedsafe.com/boards/1/topics/72015-06-30T10:40:43ZPeter Norinpeter.norin@storedsafe.com
<a name="203"></a>
<h2 >2.0.3<a href="#203" class="wiki-anchor">¶</a></h2>
<p>The focus was the new web based compliment to administer the Radius related settings.</p>
<a name="Security"></a>
<h3 >Security<a href="#Security" class="wiki-anchor">¶</a></h3>
<ul>
<li>Fixed mitigation for overlayfs bug in linux kernel</li>
</ul>
<a name="GUI"></a>
<h3 >GUI<a href="#GUI" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added Radius administration interface.</li>
<li>Fixed a bug with a pipe character in certain conditions as a password.</li>
<li>Fixed a bug relating to the JSON import feature.</li>
</ul>
<a name="Console"></a>
<h3 >Console<a href="#Console" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added controls to make sure the user actually wants to logout from the console.</li>
<li>Added other means of upgrade mechanisms aside from USB.</li>
</ul>
<a name="Plattform"></a>
<h3 >Plattform<a href="#Plattform" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added means to control log retention for the Radius postauth log.</li>
<li>Fixed a startup issue for the Radius daemon.</li>
<li>Changed the verbosity for the snmpd which was a bit to high.</li>
<li>Removed some unnecessary server side service signatures.</li>
</ul> General: Release notes 2.0.2https://tracker.storedsafe.com/boards/1/topics/42014-12-10T08:02:49ZPeter Norinpeter.norin@storedsafe.com
<a name="Plattform"></a>
<h2 >Plattform:<a href="#Plattform" class="wiki-anchor">¶</a></h2>
<a name="Security"></a>
<h3 >Security<a href="#Security" class="wiki-anchor">¶</a></h3>
<ul>
<li>Fixed mitigation for POODLE (no more SSLv3)</li>
<li>Fixed a potential CSRF issue</li>
<li>Patch for shellshock</li>
</ul>
<a name="GUI"></a>
<h3 >GUI<a href="#GUI" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added some missing “back” buttons</li>
<li>Fixed so that deactivated users no longer are displayed in groups</li>
<li>Slightly new design </li>
<li>Fixed display bug in Safari (create user)</li>
<li>Added support to add multiple yubikeys to one user</li>
</ul>
<a name="Console"></a>
<h3 >Console<a href="#Console" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added display of “path” in console </li>
<li>Fixed a display of version in console</li>
<li>Fixed a display bug in create-backup</li>
<li>Fixed a bug in the restart of rsyslog</li>
<li>Fixed a bug in the FSP (Filesystem Policy Checker) for snmp related files</li>
<li>Fixed a bug when adding firewall rules 80 vs 80 and 443</li>
<li>Fixed a display bug while displaying groups for a user in console</li>
</ul>
<a name="Feature"></a>
<h3 >Feature<a href="#Feature" class="wiki-anchor">¶</a></h3>
<ul>
<li>Improved syslog functionality</li>
</ul>
<a name="Products"></a>
<h2 >Products:<a href="#Products" class="wiki-anchor">¶</a></h2>
<a name="Password-StoredSafe"></a>
<h3 >Password StoredSafe<a href="#Password-StoredSafe" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added ability to mask/hide passwords that are decrypted (by pressing ESC)</li>
<li>Added import of objects in JSON format</li>
<li>Clarified creation date for files and objects</li>
<li>Fixed a display issue for “seen objects”</li>
<li>Added sort functionality on object metadata</li>
</ul>
<a name="File-StoredSafe"></a>
<h3 >File StoredSafe<a href="#File-StoredSafe" class="wiki-anchor">¶</a></h3>
<ul>
<li>Clarified creation date for files and objects</li>
<li>Fixed a display issue for “seen objects”</li>
<li>Added sort functionality on object metadata</li>
</ul>
<a name="RADIUS-StoredSafe"></a>
<h3 >RADIUS StoredSafe<a href="#RADIUS-StoredSafe" class="wiki-anchor">¶</a></h3>
<ul>
<li>Added support for per client choice of radius mode</li>
<li>Added support for per client choice of backend mode</li>
<li>Added support for otp-bypass for service accounts</li>
<li>Added support for opportunistic TLS for yubico auth, if you have self or organisational signed certs</li>
<li>Fixed display of logs from both radius nodes</li>
</ul>