Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated test phase tutorial #48

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
+7 −3
Open

Updated test phase tutorial #48

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -143,12 +143,12 @@ auth requisite pam_deny.so

## Testing

It is easy to do a quick test to ensure the duress module is working properly.
It is easy to do a quick test to ensure the duress module is working properly. make sure to replace "user" by your username.

```bash
$> mkdir -p ~/.duress
$> echo '#!/bin/sh
echo "Hello World"' > ~/.duress/hello.sh
echo "Hello World" > /home/user/test.txt' > ~/.duress/hello.sh
Copy link

@DusanLesan DusanLesan Sep 7, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is purpose of this change? Instead of directly getting the "Hello World" echoed to the output, users would now need to read from the file.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DusanLesan, this was in response to issue #47 which I'm still finding time to replicate and am hoping to get it done today. My commentary would be if the desired intent of changing the demo would be to put it in a file (which is honestly how I did it initially) then /tmp/test.txt would be a better option to target.

If I can replicate the error then it's worth the change in the demo guide. Just need to see if some change in bookworm made the output to stdout inoperable.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just tried it out now and am unable to replicate #47, so this is still unconfirmed as a needed change. Still going to hear out @m6n50u7 until the issue is resolved to their satisfaction or the tutorial is deemed satisfactory with obvious caveats that some installations may have configurations that necessitate departure from the tutorial to confirm functionality.

$> duress_sign ~/.duress/hello.sh
Password: # Enter a duress password that is NOT your actual password.
Confirm:
Expand All @@ -157,14 +157,18 @@ $> chmod 400 ~/.duress/hello.sh.sha256
$> sudo pam_test $USER
Credentials accepted.
Password: # Enter the password you signed the hello.sh script with.
Hello World # This output is from the duress script...
Account is valid. # ...and we still got a valid authentication.
Authenticated
$> cat ~/test.txt
Hello World # This shows the test.txt file was created and therefore the script was executed
$> rm test.txt
$> sudo pam_test $USER
Credentials accepted.
Password: # Now enter your actual password.
Account is valid. # Note, Hello World doesn't print.
Authenticated
$> cat ~/test.txt
cat: /home/user/test.txt: No such file or directory # this shows the file wasn't created and therefore the script wasn't executed
```

## Example Implementations
Expand Down