Skip to content

fix: harden SSH and Samba setup flows#1242

Open
Abs313a wants to merge 2 commits intoChrisTitusTech:mainfrom
Abs313a:SSH-hotfix
Open

fix: harden SSH and Samba setup flows#1242
Abs313a wants to merge 2 commits intoChrisTitusTech:mainfrom
Abs313a:SSH-hotfix

Conversation

@Abs313a
Copy link
Copy Markdown
Contributor

@Abs313a Abs313a commented Apr 1, 2026
edited
Loading

Type of Change

  • New feature
  • Bug fix
  • Documentation update
  • Refactoring
  • Security patch
  • UI/UX improvement

Summary

  • Harden the SSH Samba and SSH Commands utilities so setup and teardown behave reliably across normal user flows and distro differences.

Issues addressed

  1. SSH Samba accepted arbitrary Samba usernames even though smbpasswd -a only works for an existing local Unix account, which caused setup failure for valid-looking but nonexistent usernames.
  2. SSH Samba asked for a Samba password twice, reported success, then ignored those values and invoked interactive smbpasswd -a anyway.
  3. SSH Samba did not validate smb.conf with testparm before enabling services.
  4. SSH Samba handled existing configs poorly by not recovering the configured share path from smb.conf for its success output.
  5. Firewall setup relied on UFW profile names like OpenSSH and Samba, which are not portable across systems.
  6. SSH Commands assumed remote privilege escalation via sudo -S, even though the shared escalation path also allows doas.
  7. SSH Commands edited ~/.ssh/config using fixed line ranges, which was inconsistent with the host blocks it actually writes.
  8. SSH Samba had no built-in way to safely remove previously applied service, firewall, or local SSH setup.

Issues / other PRs related

Screenshots (if applicable)

@Abs313a Abs313a requested a review from ChrisTitusTech as a code owner April 1, 2026 17:13
@Abs313a
Copy link
Copy Markdown
Contributor Author

Abs313a commented Apr 1, 2026

Implemented and validated the SSH/Samba hardening changes.

What changed:

  • Hardened SSH Samba setup by validating local Samba users before calling smbpasswd -a.
  • Removed the misleading password-confirmation flow and now rely on the real Samba password step.
  • Added testparm validation before enabling Samba services.
  • Fixed existing-config handling so the configured share path is recovered and shown correctly.
  • Added UFW fallback behavior for systems where OpenSSH / Samba profiles are not available.
  • Hardened SSH Commands remote auth toggles so they do not assume sudo -S on the remote side.
  • Fixed local ~/.ssh/config host entry handling to operate on full host blocks instead of fixed line ranges.
  • Added a safe Remove Setup flow for SSH/Samba teardown, including SSH service setup, Samba service setup, SSH firewall rules, local SSH host entries, and remove-all.

Validation performed:

  • Setup All.
  • Existing Samba config flow with both Y and N.
  • Remove all.
  • Full remove -> setup cycle.
  • shellcheck.
  • cargo clippy --workspace --all-targets --all-features.
  • typos (only existing false positives outside these changes).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChrisTitusTech ChrisTitusTech Awaiting requested review from ChrisTitusTech ChrisTitusTech is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug script UI update

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Abs313a