Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys.
Update 3rd party dependencies to latest including Jetty.
To migrate from >= 3.10.00
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
New look and feel - Upgraded to Bootstrap v5, the latest Jetty, and updated all 3rd party libraries to the latest.
To migrate from >= 3.10.00
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
Update h2 to the latest version fix issue upgrading due to incompatibilities with H2 v2 - https://github.com/bastillion-io/Bastillion/issues/417
To migrate from >= 3.10.00
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
Update jetty, jsch, and h2 to the latest version
To migrate from 3.10.00
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
Remediation for CVE-2021-45105
To migrate from 3.10.00
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
Remediation for CVE-2021-23463
To migrate from 3.10.00
java -jar bastillion-upgrade-4.00.00.jar /opt/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
Update Log4j to 2.16 to address CVE-2021-44228 and CVE-2021-45046
To migrate from 3.10.00
Upgraded all dependencies including jquery to 3.5.1. Added map option for default profile on Ldap authentication Up'ed encryption key size to 256 default
To migrate from 3.08.00
Removed license key requirement.
To migrate from 3.08.00
Fixed issue where the management key was deleted when a user is removed from a profile.
To migrate from 3.06.00
Install Open-JDK / Oracle-JDK - 1.9 or greater
apt-get install openjdk-9-jdk (or openjdk-11-jdk)
Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml
Run upgrade on the data store copied to the new installation
java -jar bastillion-upgrade-3.08.00.jar <whatever path>/jetty/bastillion/WEB-INF/classes/BastillionConfig.properties