bike/Yellow-Bike-Database-Mirror
1
0
Fork 0
mirror of https://github.com/fspc/Yellow-Bike-Database.git synced 2025-02-22 17:03:22 -05:00
Code Issues Projects Releases Wiki Activity

Adds some more clarity.

Browse Source
This commit is contained in:
Jonathan Rosenbaum 2015-03-19 07:37:45 +00:00
parent 6754c9a324
commit 358a507022
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
examples/secure-terminals.txt
View File

@ -37,8 +37,8 @@ Firefox (IceWeasel):
5. mv KeePass.config.xml KeePass.config.enforced.xml
6. sudo chown root:root KeePass.config.enforced.xml
7. sudo chmod 0444 KeePass.config.enforced.xml
8. Most importantly in KeePass.config.enforced.xml change true to
<UnhidePasswords>false</UnhidePasswords> so that passwords cannot be seen.
8. Most importantly in KeePass.config.enforced.xml between <Security> change true to
<Policy><UnhidePasswords>false</UnhidePasswords></Policy> so that passwords cannot be seen.
9. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
10. Install KeeFox extension from https://addons.mozilla.org/en-us/firefox/addon/keefox/
11. KeeFox will tell you where to copy KeePassRPC.plgx from into the plugins directory
@ -56,8 +56,8 @@ Chrome:
4. mv KeePass.config.xml KeePass.config.enforced.xml
5. sudo chown root:root KeePass.config.enforced.xml
6. sudo chmod 0444 KeePass.config.enforced.xml
7. Most importantly in KeePass.config.enforced.xml change true to
<UnhidePasswords>false</UnhidePasswords> so that passwords cannot be seen.
7. Most importantly in KeePass.config.enforced.xml between <Security> change true to
<Policy><UnhidePasswords>false</UnhidePasswords></Policy> so that passwords cannot be seen.
8. When setting up password database for KeePass use only a key file.
9. Add the url along with username and password in the database.
10. In Debian/Ubuntu: apt-get install mono-runtime mono-devel
@ -85,13 +85,17 @@ Example commands that bring up the gui setting tool:
1. xfce4-power-manager-settings (eg., used by wattos for LXDE)
2. mate-power-manager-settings or mate-power-preferences
SUMMARY
There are other things that can be done within the terminal to prevent tampering, e.g., read-only environment,
but what is above protects the password from hacking, eavesdropping, and from regular users
in the shop, basically, only the sysadmin and bookkeeper should have remote access via the password.
in the shop, basically, only the sysadmin and bookkeeper should have remote access via the password.
So while YBDB is on the internet, it will only be available to the terminal(s) you allow it to be on, and
the Point of Sale will be at the proper location which is usually the front of the Community Bike Shop where people
walk-in/walk-out.
Word of wisdom: It is always good practice to occasionally change the password.