Renamed to Bastillion for EC2

README.md

@@ -1,38 +1,27 @@
-EC2Box
+Bastillion for EC2
 ======
 A web-based ssh console to execute commands and manage multiple EC2 instances
-simultaneously running on Amazon Web Services (AWS). EC2Box allows you to share
+simultaneously running on Amazon Web Services (AWS). Bastillion-EC2 allows you to share
 terminal commands and upload files to all your EC2 instances. Once the sessions
 have been opened you can select a single EC2 instance or any combination to run
 your commands.  Also, additional instance administrators can be added and their
 terminal sessions and history can be audited.  
 
-![Terminals](https://www.sshkeybox.com/images/500x300/ec2box.png)
+![Terminals](https://www.bastillion.io/images/500x300/bastillion.png)
 
-AMI in the AWS Marketplace
-------
-The simplest way to get started is to run the AMI from the AWS Marketplace.
-
-http://aws.amazon.com/marketplace/pp/B076D7XMK6
-
-Once the EC2Box instance is up and running, open your browser to https://\<EC2 Instance IP\>:443
-
-Login with 
 
-	username:admin 
-	password:<Instance ID>
-
-EC2Box Releases
+Bastillion for EC2 Releases
 ------
-This software is free for non-commercial use under the AGPL licence!
-
-Commercial users can purchase a license through an annual subscription and access the binary releases. 
+Commercial users can purchase a license through an annual subscription and access the binary releases.
 
-https://www.sshkeybox.com/subscription
+https://www.bastillion.io/subscription
 
 Also, users can purchase through the AWS Marketplace.
 
-Feel free to try out EC2Box using the build instructions below!
+Feel free to try out Bastillion for a limited amount of users(6)!
+
+https://github.com/bastillion-io/Bastillion-EC2/releases
+
 
 Prerequisites
 -------------
@@ -50,7 +39,7 @@ Prerequisites
 
 **Loophole MVC**  *(Only needed if building from source)*
 
-> https://github.com/skavanagh/lmvc
+> https://github.com/bastillion-io/lmvc
 
 **Install [FreeOTP](https://freeotp.github.io/) or [Google Authenticator](https://github.com/google/google-authenticator)** to enable two-factor authentication with Android or iOS
 
@@ -73,7 +62,7 @@ In the directory that contains the pom.xml run
 
 *Note: Doing a mvn clean will delete the H2 DB and wipe out all the data.*
 
-Using EC2Box
+Using Bastillion-EC2
 ------
 Open browser to https://\<whatever ip\>:8443
 
@@ -86,20 +75,20 @@ Login with
 
 Steps:
 
-1. Set your AWS credentials for the following properties in the EC2Box.properties file. 
+1. Set your AWS credentials for the following properties in the Bastillion-EC2.properties file. 
 	```
 	#AWS IAM access key
 	accessKey=
 	#AWS IAM secret key
 	secretKey=
 	```    
-2. Configure an IAM Role with Account ID for your user and set generated ARN in EC2Box
-3. Import the EC2Box public SSH key to the EC2 AWS console.
+2. Configure an IAM Role with Account ID for your user and set generated ARN in Bastillion-EC2
+3. Import the Bastillion-EC2 public SSH key to the EC2 AWS console.
 4. Create EC2 instanaces with the imported key.
 5. Start composite-ssh sessions or create and execute a script across multiple sessions
 6. Add instance administrator accounts
 
-More info at https://www.sshkeybox.com/docs/ec2box
+More info at https://www.bastillion.io/docs/bastillion
 
 Restricting User Access
 ------
@@ -119,7 +108,7 @@ or multiple
 
 Supplying a Custom SSH Key Pair
 ------
-EC2Box generates its own public/private SSH key upon initial startup for use when registering systems.  You can specify a custom SSH key pair in the EC2BoxConfig.properties file.
+Bastillion-EC2 generates its own public/private SSH key upon initial startup for use when registering systems.  You can specify a custom SSH key pair in the Bastillion-EC2Config.properties file.
 
 For example:
 
@@ -142,7 +131,7 @@ After startup and once the key has been registered it can then be removed from t
 
 External Authentication
 ------
-External Authentication can be enabled through the EC2BoxConfig.properties.
+External Authentication can be enabled through the Bastillion-EC2Config.properties.
 
 For example:
 
@@ -153,7 +142,7 @@ Connection details need to be set in the jaas.conf file
 
     ldap-ol {
     	com.sun.security.auth.module.LdapLoginModule SUFFICIENT
-    	userProvider="ldap://hostname:389/ou=example,dc=ec2box,dc=com"
+    	userProvider="ldap://hostname:389/ou=example,dc=bastillion,dc=com"
     	userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))"
     	authzIdentity="{cn}"
     	useSSL=false
@@ -163,7 +152,7 @@ Connection details need to be set in the jaas.conf file
 
 Administrators will be added as they are authenticated and profiles of systems may be assigned by full-privileged users.
 
-User LDAP roles can be mapped to profiles defined in EC2Box through the use of the org.eclipse.jetty.jaas.spi.LdapLoginModule.
+User LDAP roles can be mapped to profiles defined in Bastillion-EC2 through the use of the org.eclipse.jetty.jaas.spi.LdapLoginModule.
 
     ldap-ol-with-roles {
         //openldap auth with roles that can map to profiles
@@ -177,12 +166,12 @@ User LDAP roles can be mapped to profiles defined in EC2Box through the use of t
         bindPassword="<BIND-DN PASSWORD>"
         authenticationMethod="simple"
         forceBindingLogin="true"
-        userBaseDn="ou=users,dc=ec2box,dc=com"
+        userBaseDn="ou=users,dc=bastillion,dc=com"
         userRdnAttribute="uid"
         userIdAttribute="uid"
         userPasswordAttribute="userPassword"
         userObjectClass="inetOrgPerson"
-        roleBaseDn="ou=groups,dc=ec2box,dc=com"
+        roleBaseDn="ou=groups,dc=bastillion,dc=com"
         roleNameAttribute="cn"
         roleMemberAttribute="member"
         roleObjectClass="groupOfNames";
@@ -192,17 +181,17 @@ Users will be added/removed from defined profiles as they login and when the rol
 
 Screenshots
 -----------
-![Two-Factor](https://www.sshkeybox.com/images/screenshots/medium/ec2box/two-factor.png)
+![Two-Factor](https://www.bastillion.io/images/screenshots/medium/bastillion/two-factor.png)
 
-![Importing Keys](https://www.sshkeybox.com/images/screenshots/medium/ec2box/importing_keys.png)
+![Importing Keys](https://www.bastillion.io/images/screenshots/medium/bastillion/importing_keys.png)
 
-![Select Instances](https://www.sshkeybox.com/images/screenshots/medium/ec2box/select_instances.png)
+![Select Instances](https://www.bastillion.io/images/screenshots/medium/bastillion/select_instances.png)
 
-![More Terminals](https://www.sshkeybox.com/images/screenshots/medium/ec2box/more_terms.png)
+![More Terminals](https://www.bastillion.io/images/screenshots/medium/bastillion/more_terms.png)
 
-![Upload Files](https://www.sshkeybox.com/images/screenshots/medium/ec2box/upload_files.png)
+![Upload Files](https://www.bastillion.io/images/screenshots/medium/bastillion/upload_files.png)
 
-![Disconnect](https://www.sshkeybox.com/images/screenshots/medium/ec2box/disconnect.png)
+![Disconnect](https://www.bastillion.io/images/screenshots/medium/bastillion/disconnect.png)
 
 Acknowledgments
 ------
@@ -215,11 +204,11 @@ Third-party dependencies are mentioned in the [_3rdPartyLicenses.md_](3rdPartyLi
 
 Dual License
 -----------
-EC2Box is available for non-commercial use under the Affero General Public License
+Bastillion-EC2 is available for non-commercial use under the Affero General Public License
 
 A commercial license is also available through a subscription
 
-https://www.sshkeybox.com/subscription
+https://www.bastillion.io/subscription
 
 or when running an AMI from the AWS marketplace.
 

pom.xml

@@ -2,11 +2,11 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <groupId>com.ec2box</groupId>
-    <artifactId>ec2box</artifactId>
-    <version>1.51.00-SNAPSHOT</version>
+    <groupId>io.bastillion</groupId>
+    <artifactId>bastillion-ec2</artifactId>
+    <version>1.60.00</version>
     <packaging>war</packaging>
-    <name>EC2Box</name>
+    <name>Bastillion for EC2</name>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.9</maven.compiler.source>

src/main/java/com/ec2box/common/db/DBInitServlet.java → src/main/java/io/bastillion/common/db/DBInitServlet.java

@@ -25,13 +25,13 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
-package com.ec2box.common.db;
+package io.bastillion.common.db;
 
-import com.ec2box.common.util.AppConfig;
-import com.ec2box.manage.model.Auth;
-import com.ec2box.manage.util.DBUtils;
-import com.ec2box.manage.util.EncryptionUtil;
-import com.ec2box.manage.util.SSHUtil;
+import io.bastillion.common.util.AppConfig;
+import io.bastillion.manage.model.Auth;
+import io.bastillion.manage.util.DBUtils;
+import io.bastillion.manage.util.EncryptionUtil;
+import io.bastillion.manage.util.SSHUtil;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -129,11 +129,12 @@ public void init(ServletConfig config) throws ServletException {
 
                 statement.executeUpdate("create table if not exists session_log (id BIGINT PRIMARY KEY AUTO_INCREMENT, session_tm timestamp default CURRENT_TIMESTAMP, first_nm varchar, last_nm varchar, username varchar not null, ip_address varchar)");
                 statement.executeUpdate("create table if not exists terminal_log (session_id BIGINT, instance_id INTEGER, output varchar not null, log_tm timestamp default CURRENT_TIMESTAMP, display_nm varchar not null, user varchar not null, host varchar not null, port INTEGER not null, foreign key (session_id) references session_log(id) on delete cascade)");
+                statement.executeUpdate("create table if not exists license (id INTEGER PRIMARY KEY AUTO_INCREMENT, license_tx varchar not null)");
 
                 //if exists readfile to set default password
                 String salt = EncryptionUtil.generateSalt();
                 String defaultPassword = EncryptionUtil.hash("changeme" + salt);
-                File file = new File("/opt/ec2box/instance_id");
+                File file = new File("/opt/bastillion-ec2/instance_id");
                 if (file.exists()) {
                     String str = FileUtils.readFileToString(file, "UTF-8");
                     if(StringUtils.isNotEmpty(str)) {
@@ -157,7 +158,7 @@ public void init(ServletConfig config) throws ServletException {
                 DBUtils.closeStmt(pStmt);
 
                 //generate new key and insert passphrase
-                System.out.println("Setting EC2Box SSH public/private key pair");
+                System.out.println("Setting Bastillion for EC2 SSH public/private key pair");
 
                 //generate application pub/pvt key and get values
                 String passphrase = SSHUtil.keyGen();
@@ -172,7 +173,7 @@ public void init(ServletConfig config) throws ServletException {
                 pStmt.execute();
                 DBUtils.closeStmt(pStmt);
 
-                System.out.println("EC2Box Generated Global Public Key:");
+                System.out.println("Bastillion for EC2 Generated Global Public Key:");
                 System.out.println(publicKey);
 
                 //set config to default

src/main/java/com/ec2box/common/filter/AuthFilter.java → src/main/java/io/bastillion/common/filter/AuthFilter.java

@@ -25,18 +25,19 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
-package com.ec2box.common.filter;
+package io.bastillion.common.filter;
 
-import com.ec2box.common.util.AuthUtil;
-import com.ec2box.manage.db.AuthDB;
-import com.ec2box.manage.model.Auth;
+import io.bastillion.common.util.AuthUtil;
+import io.bastillion.manage.db.AuthDB;
+import io.bastillion.manage.model.Auth;
 
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 

src/main/java/com/ec2box/common/util/AppConfig.java → src/main/java/io/bastillion/common/util/AppConfig.java

@@ -25,9 +25,9 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
-package com.ec2box.common.util;
+package io.bastillion.common.util;
 
-import com.ec2box.manage.util.EncryptionUtil;
+import io.bastillion.manage.util.EncryptionUtil;
 import org.apache.commons.configuration.PropertiesConfiguration;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -51,18 +51,18 @@ public class AppConfig {
         try {
             //move configuration to specified dir
             if (StringUtils.isNotEmpty(System.getProperty("CONFIG_DIR"))) {
-                File configFile = new File(CONFIG_DIR + "/EC2BoxConfig.properties");
+                File configFile = new File(CONFIG_DIR + "BastillionConfig.properties");
                 if (!configFile.exists()) {
-                    File oldConfig = new File(AppConfig.class.getClassLoader().getResource(".").getPath() + "/EC2BoxConfig.properties");
+                    File oldConfig = new File(AppConfig.class.getClassLoader().getResource(".").getPath() + "BastillionConfig.properties");
                     FileUtils.moveFile(oldConfig, configFile);
                 }
-                configFile = new File(CONFIG_DIR + "/jaas.conf");
+                configFile = new File(CONFIG_DIR + "jaas.conf");
                 if (!configFile.exists()) {
-                    File oldConfig = new File(AppConfig.class.getClassLoader().getResource(".").getPath() + "/jaas.conf");
+                    File oldConfig = new File(AppConfig.class.getClassLoader().getResource(".").getPath() + "jaas.conf");
                     FileUtils.moveFile(oldConfig, configFile);
                 }
             }
-            prop = new PropertiesConfiguration(CONFIG_DIR + "/EC2BoxConfig.properties");
+            prop = new PropertiesConfiguration(CONFIG_DIR + "BastillionConfig.properties");
         } catch (Exception ex) {
             log.error(ex.toString(), ex);
         }

src/main/java/com/ec2box/common/util/AuthUtil.java → src/main/java/io/bastillion/common/util/AuthUtil.java

@@ -25,9 +25,9 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
-package com.ec2box.common.util;
+package io.bastillion.common.util;
 
-import com.ec2box.manage.util.EncryptionUtil;
+import io.bastillion.manage.util.EncryptionUtil;
 import org.apache.commons.lang3.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;

src/main/java/com/ec2box/manage/control/IAMRoleKtrl.java → src/main/java/io/bastillion/manage/control/IAMRoleKtrl.java

@@ -25,18 +25,15 @@
  * exception statement from all source files in the program, then also delete
  * it in the license file.
  */
-package com.ec2box.manage.control;
+package io.bastillion.manage.control;
 
 import com.amazonaws.auth.AWSStaticCredentialsProvider;
-import com.amazonaws.regions.Region;
 import com.amazonaws.regions.Regions;
 import com.amazonaws.services.ec2.AmazonEC2;
 import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
-import com.amazonaws.services.ec2.model.*;
-import com.ec2box.manage.db.IAMRoleDB;
-import com.ec2box.manage.db.PrivateKeyDB;
-import com.ec2box.manage.util.AWSClientConfig;
-import com.ec2box.manage.util.SSHUtil;
+import io.bastillion.manage.db.IAMRoleDB;
+import io.bastillion.manage.db.PrivateKeyDB;
+import io.bastillion.manage.util.AWSClientConfig;
 import loophole.mvc.annotation.Kontrol;
 import loophole.mvc.annotation.MethodType;
 import loophole.mvc.annotation.Model;

src/main/java/com/ec2box/manage/control/LoginKtrl.java → src/main/java/io/bastillion/manage/control/LoginKtrl.java

@@ -25,14 +25,14 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
-package com.ec2box.manage.control;
-
-import com.ec2box.common.util.AppConfig;
-import com.ec2box.common.util.AuthUtil;
-import com.ec2box.manage.db.AuthDB;
-import com.ec2box.manage.model.Auth;
-import com.ec2box.manage.model.User;
-import com.ec2box.manage.util.OTPUtil;
+package io.bastillion.manage.control;
+
+import io.bastillion.common.util.AppConfig;
+import io.bastillion.common.util.AuthUtil;
+import io.bastillion.manage.db.AuthDB;
+import io.bastillion.manage.model.Auth;
+import io.bastillion.manage.model.User;
+import io.bastillion.manage.util.OTPUtil;
 import loophole.mvc.annotation.Kontrol;
 import loophole.mvc.annotation.MethodType;
 import loophole.mvc.annotation.Model;
@@ -50,7 +50,7 @@ public class LoginKtrl extends BaseKontroller {
     //check if otp is enabled
     @Model(name = "otpEnabled")
     static final Boolean otpEnabled = ("required".equals(AppConfig.getProperty("oneTimePassword")) || "optional".equals(AppConfig.getProperty("oneTimePassword")));
-    private static Logger loginAuditLogger = LoggerFactory.getLogger("com.ec2box.manage.control.LoginAudit");
+    private static Logger loginAuditLogger = LoggerFactory.getLogger("io.bastillion.manage.control.LoginAudit");
     private final String AUTH_ERROR = "Authentication Failed : Login credentials are invalid";
     private final String AUTH_ERROR_NO_PROFILE = "Authentication Failed : There are no profiles assigned to this account";
     @Model(name = "auth")