stereum-dev
[Enhancement]: 2FA install/uninstall lock prevention
Describe the enhancement
If 2FA will be installed on a node, there is always a (at least minimal) chance that something went wrong during install or uninstall processes. The result of such a failure could be that the machine is fully locked and never again accessible (in worst case). Sterem takes measures to prevent such failures during setup or removal processes, however this could be improved.
After 2FA is installed or uninstalled, the user is automatically logged out (which is required by the 2FA setup). Give the user X minutes time to login after the install/uninstall is done to confirm the process was successful and the machine is not locked. Otherwise replace the SSH settings with those that was backed up before installation.
This also counts when 2FA is uninstalled! Therefore the user must login within X minutes to make sure the uninstall process worked as expected. Otherwise the SSH settings are replaced with those that was backed up before INstallation because they must have been worked.
This requirements should be clearly communicated when the "COMFIRM" (Install) or "REMOVE" (Uninstall) buttons (see below) are pressed. Something like: "You will now logged out. You need to relogin within 5 minutes to confirm the install/uninstall process has worked properly" -> OK/ABORT After the next login, just show a popup "You have successfully installed/uninstalled 2FA" -> OK
REMOVE Button:
CONFIRM button:
Side Note
It should also somwhere mentioned, that nuking the node does not remove 2FA, because it is machine and not application specifc.
Dependencies
No response
Additional Context
No response
Acknowledgment
- [X] I have reviewed the existing enhancements and confirm that this suggestion is unique.
