How to create authentication for the token generator about canarytokens-docker HOT 11 CLOSED

I agree, I feel like I'm missing something as it doesn't seem wise to have the same interface for managing/generating tokens on the same public interface that the tokens are detected being used.

from canarytokens-docker.

Hopefully Thinkst would address this ASAP

from canarytokens-docker.

Hi Jordan, have u tested the new version of canary tokens. Seems like i am havin some issues with the DNS tokens. I have set it up on an AWS ubuntu instance. Also made sure tht the requirements like setting up a public IP address, a domain name etc have been set up. For testing purposes i have made sure tht the security groups in AWS is allow all inbound and outbound traffic to this instance. Wondering whats causing the issue. Am i missing something

from canarytokens-docker.

Hi @Manu-Surendra, what issues are you having with the DNS tokens?

from canarytokens-docker.

I think i figured out the issue, i should have followed the procedure properly. I just created an A record and pointed it my public Ip and hence it did not work. So now i have created my own pvt name server. Had to create a new domain all together cause godaddy does not support private Nameservers. Am waiting for the propagation of newly registered private name server. Planning to check it on Monday.

from canarytokens-docker.

hi, the propagation of the my nameserver is completed. Its updated in most of the countries, its just a matter time now, for it to replicate across full. Thanks a lot guys, it works now

from canarytokens-docker.

Hi @thinkst , would you guys come up some basic authentication in the future. We wanna use it in our company environment, but we are scared that anyone can access the website and generate their own tokens. Please give us an on update on this

from canarytokens-docker.

Hey @Manu-Surendra, unfortunately we do not have basic authentication on our current roadmap, however its not all doom and groom. There are a couple ways in which you could potentially add basic auth support.

1. There should be an nginx configuration that would allow for basic auth. This method would require less code, but a change to the nginx docker image. You could check the nginx documentation on how to do that.
2. You could add the basic auth wrapper to our site manager. Basic auth is supported by twisted and so with a little bit of digging you could easily get basic auth.

The complexity with adding authentication would be where the list of users are stored, added, managed. We would gladly accept a PR if you come right with adding the basic auth support.

Thanks for the suggestion though!

from canarytokens-docker.

@thinkst , we found another way of overcoming the issue. we have blocked access to the "http://mydomain.com/generate" page using URL filtering so that no one can access it from outside. And we use the internal IP of the instance to access it and generate tokens. Since only the http://mydomain.com/generate is blocked, the tokens gets triggered without any issues whn someone accesses it externally . Yes, i will test the nginx and auth wrapper from twisted and will keep u guys posted

from canarytokens-docker.

Just for those who will be looking for enabling basic auth.
Just create .htpasswd under nginx directory and amend nginx.conf file (google it). Then add additional COPY line in nginx/Dockerfile to copy .htpasswd file. Once done, you need to rebuild container, just run docker build (from canarytokens-docker directory). On next run you will have new changes.

from canarytokens-docker.

Hey @kuriackovskij,

Thanks for the information and step through. Ill give it a go in the next few days and perhaps add it as something easier to enable.

Thanks again!

from canarytokens-docker.