Cleaned up. Fixed issues with sms. check out Changelog for more information

Author: nullmonk

Changelog.md

@@ -0,0 +1,10 @@
+## 9/29/16
+# Tauth 1.4
+- Added support for users prefered shell
+- Implemented support for secure ssms with the "AllowSMS email" option WARNING: NO ERROR CHECKING
+- Changed default sms method to 'email'
+- Changed textbelt syntax. Apparently it doesnt support verizon. Or at least mine. Its ok. User sms "Allowsms email" anyway, way more secure
+- Updated readme. command changed from 'TAUTH' to 'tauth'
+- Added Changelog!!
+- Disabled logging, Ill get around to fixing that later
+- Changed name of 'conf' to 'tauth_config'. That is the name it will be when on a server.

README.md

@@ -21,14 +21,14 @@ After installation restart your SSH server
 
 After installing TAUTH, all management is handled with
 
-	$ TAUTH [command]
+	$ tauth [command]
 
 To enable TAUTH for a user
 
-	$ TAUTH add [user]
+	$ tauth add [user]
 
 To remove TAUTH from a specific user
 
-	$ TAUTH remove [user]
+	$ tauth remove [user]
 
-Note: You can manually remove a user from TAUTH by removing "/home/user/.tauth",However "/home/user/.tauth/user_config" is marked as immutable
+Note: You can manually remove a user from TAUTH by removing "/home/user/.tauth",However "/home/user/.tauth/user_config" is marked as immutable

tauth-install.sh

@@ -16,7 +16,7 @@ EMAIL_User=""
 EMAIL_Pass=""
 EMAIL_Serv="smtps://smtp.gmail.com:465"
 AllowEmail="yes"
-AllowSMS="web"
+AllowSMS="email"
 PhoneCarrier="$TAUTH_ROOT/Phoneinfo"
 logs="$TAUTH_CONF_ROOT/tauth.log"
 
@@ -48,8 +48,8 @@ echo "#Whether or not to allow sms. Set to 'no' 'web' or 'email'. Web is insecur
 echo "AllowSMS $AllowSMS"  >> $TAUTH_CONF
 echo "#location of the phone carrier information file" >> $TAUTH_CONF
 echo "PhoneCarrier $PhoneCarrier"  >> $TAUTH_CONF
-echo "#Location of the log file" >> $TAUTH_CONF
-echo "Log $logs" >> $TAUTH_CONF
+#echo "#Location of the log file" >> $TAUTH_CONF
+#echo "Log $logs" >> $TAUTH_CONF
 green "Settings written to $TAUTH_CONF!"
 }
 
@@ -105,9 +105,9 @@ read -p "Enter Gmail password: " -s EMAIL_Pass
 cp $SSH_CONF "$SSH_CONF.bac"
 echo "ForceCommand $TAUTH_ROOT/tauth-login.sh" >> $SSH_CONF
 #create default log file
-echo "STATUS"$'\t'"TIME"$'\t'"USER"$'\t'"IP"$'\t'"HOSTNAME" >> $logs
-chmod 666 $logs
-chattr +a $logs
+#echo "STATUS"$'\t'"TIME"$'\t'"USER"$'\t'"IP"$'\t'"HOSTNAME" >> $logs
+#chmod 666 $logs
+#chattr +a $logs
 write_settings
 green "Install Successfull!"
 green "Please restart SSH server"

tauth-login.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
+# Author Micah Martin - Knif3
 
 VERSION="1.0"
 TAUTH_CONF_ROOT="/etc/tauth"
@@ -49,9 +50,9 @@ if [[ -f $TAUTH_CONF ]]; then
 	EMAIL_Pass=$(cat $TAUTH_CONF | grep EmailPass | awk '{print $2}')
 	EMAIL_Serv=$(cat $TAUTH_CONF | grep EmailServer | awk '{print $2}')
 	ALLOW_EMAIL=$(cat $TAUTH_CONF | grep AllowEmail | awk '{print $2}')
-    	ALLOW_EMAIL=${EMAIL_Only,,}
+    	ALLOW_EMAIL=${ALLOW_EMAIL,,}
 	ALLOW_SMS=$(cat $TAUTH_CONF | grep AllowSMS | awk '{print $2}')
-    	ALLOW_SMS=${EMAIL_Only,,}
+    	ALLOW_SMS=${ALLOW_SMS,,}
 	PHONEINFO=$(cat $TAUTH_CONF | grep PhoneCarrier | awk '{print $2}')
 	LOG=$(cat $TAUTH_CONF | grep AllowEmail | awk '{print $2}')
 #	if [ $SSH_CONF == "" | $EMAIL_Only == "" ]; then
@@ -77,11 +78,13 @@ while true; do
 		send "email"
 		break;;
         "sms" | "SMS" | "s" )
-		if [ "$EMAIL_Only" = "yes" ]; then
-			red "No SMS service! Sending email..."
-			send "email"
+		if [ "$ALLOW_SMS" == "web" ]; then
+		    send "sms"
+		elif [ "$ALLOW_SMS" == "email" ]; then
+		    send "ssms"
 		else
-			send "sms"
+		    red "No SMS service! Sending email..."
+		    send "email"
 		fi
 		break;;
         * ) echo "Please choose SMS or EMAIL";;
@@ -98,10 +101,10 @@ SFIN="$SHOST [$SIP]"
 
 log() {
 #log a command with status of $1
-echo "$1"$'\t'"$(date +"%m-%d-%y_%H:%M:%S")"$'\t'"$(whoami)"$'\t'"$SIP"$'\t'"$SHOST" >> $LOG
+#echo "$1"$'\t'"$(date +"%m-%d-%y_%H:%M:%S")"$'\t'"$(whoami)"$'\t'"$SIP"$'\t'"$SHOST" >> $LOG
 }
 
-#send mode[sms|email]
+#send mode[ssms|sms|email]
 send() {
 
 if [ $1 == "email" ]; then
@@ -120,6 +123,12 @@ elif [ $1 == "sms" ]; then
 		red "Sending code failed!! Restart to try Email"
 		exit
 	fi
+# secure sms setup with email to text
+elif [ $1 == "ssms" ]; then
+	echo -e "Subject: TAUTH code\n\nCode: $code\nFrom: $SFIN" > /tmp/mail.txt
+	curl -sS --url "$EMAIL_Serv" --ssl-reqd --mail-from "$EMAIL_User" --mail-rcpt "$PHONE$CARRIER" --upload-file /tmp/mail.txt --user "$EMAIL_User:$EMAIL_Pass" --insecure
+	green "Text sent to $(whoami)"
+	rm /tmp/mail.txt
 else
 	red "No email to text service!"
 	exit
@@ -161,8 +170,10 @@ fi
 
 tauth_login() {
 if [ $1 == $code ]; then
-	/bin/bash
-	blue "Thank you for using t-auth"	
+	# /bin/bash
+	# testing users preffered shell
+	$(getent passwd $USER | cut -d: -f7)
+	blue "Thank you for using tauth"	
 	exit
 else
 	red "Incorrect! Removing from server..."

tauth-manager.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-VERSION="1.3"
+VERSION="1.4"
 #Colors for display
 NOCOLOR='\033[0m'
 TAUTHROOT="/usr/local/tauth"

conf tauth_config

@@ -5,8 +5,9 @@ EmailServer smtps://smtp.gmail.com:465
 #Whether or not to allow email. Set to yes or no
 AllowEmail yes
 #Whether or not to allow sms. Set to 'no' 'web' or 'email'. Web is insecure if the network that the server is on can be sniffed, However, this does not require Phone Carriers
-AllowSMS web
+AllowSMS email
 #location of the phone carrier information file
 Phoneinfo /etc/tauth/Phoneinfo
 #Location of the log file
-Log /var/log/tauth/tauth.log
+#Log /var/log/tauth/tauth.log
+#Logging disabled for now