Bastillion Versions Save

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys.

v3.15.00

8 months ago

Update 3rd party dependencies to latest including Jetty.

To migrate from >= 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.14.0

2 years ago

New look and feel - Upgraded to Bootstrap v5, the latest Jetty, and updated all 3rd party libraries to the latest.

To migrate from >= 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.13.00

2 years ago

Update h2 to the latest version fix issue upgrading due to incompatibilities with H2 v2 - https://github.com/bastillion-io/Bastillion/issues/417

To migrate from >= 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.01.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.01.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.12.02

2 years ago

Update jetty, jsch, and h2 to the latest version

To migrate from 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.12.01

2 years ago

Remediation for CVE-2021-45105

To migrate from 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar /jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.12.00

2 years ago

Remediation for CVE-2021-23463

To migrate from 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Run the bastillion-upgrade-4.00.00.jar on the database copied to the new installation
java -jar bastillion-upgrade-4.00.00.jar  /opt/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/BastillionConfig.properties
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.11.01

2 years ago

Update Log4j to 2.16 to address CVE-2021-44228 and CVE-2021-45046

To migrate from 3.10.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.10.00

3 years ago

Upgraded all dependencies including jquery to 3.5.1. Added map option for default profile on Ldap authentication Up'ed encryption key size to 256 default

To migrate from 3.08.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.09.00

4 years ago

Removed license key requirement.

To migrate from 3.08.00

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)
  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.
  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

v3.08.01

4 years ago

Fixed issue where the management key was deleted when a user is removed from a profile.

To migrate from 3.06.00

  • Install Open-JDK / Oracle-JDK - 1.9 or greater

    apt-get install openjdk-9-jdk (or openjdk-11-jdk)

  • Backup previous bastillion.h2.db data store (possibly named keybox.h2.db)

  • Copy old jetty/bastillion/WEB-INF/classes/keydb folder (and it's contents) to the jetty/bastillion/WEB-INF/classes directory of the new installation.

  • Copy old jetty/bastillion/WEB-INF/classes/bastillion.jceks to the /jetty/bastillion/WEB-INF/classes directory of the new installation.

  • Copy old jetty/bastillion/WEB-INF/classes/BastillionConfig.properties to the /jetty/bastillion/WEB-INF/classes directory of the new installation.

  • Adjust settings or copy as needed for the jaas.conf, log4j2.xml, keystore, jetty-ssl.xml and jetty-http.xml

  • Run upgrade on the data store copied to the new installation

java -jar bastillion-upgrade-3.08.00.jar <whatever path>/jetty/bastillion/WEB-INF/classes/BastillionConfig.properties