-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update version numbers and add upgrade guide for 2.7.0 (#513)
* Add upgrade guide for 2.7.0 * Add advisory about SHA-1 keys to 2.7.0 upgrade guide.
- Loading branch information
1 parent
6d2174f
commit e62ff60
Showing
8 changed files
with
125 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -139,7 +139,7 @@ signed with the release signing key: | |
| cd ~/Persistent/securedrop/ | ||
| git fetch --tags | ||
| git tag -v 2.6.1 | ||
| git tag -v 2.7.0 | ||
| The output should include the following two lines: | ||
|
|
||
|
|
@@ -160,9 +160,9 @@ screen of your workstation. If it does, you can check out the new release: | |
|
|
||
| .. code:: sh | ||
| git checkout 2.6.1 | ||
| git checkout 2.7.0 | ||
| .. important:: If you see the warning ``refname '2.6.1' is ambiguous`` in the | ||
| .. important:: If you see the warning ``refname '2.7.0' is ambiguous`` in the | ||
| output, we recommend that you contact us immediately at | ||
| [email protected] (`GPG encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__). | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -229,7 +229,7 @@ Migrating Using a V2+V3 or V3-Only Backup | |
| cd ~/Persistent/securedrop/ | ||
| git fetch --tags | ||
| git tag -v 2.6.1 | ||
| git tag -v 2.7.0 | ||
| The output should include the following two lines: | ||
|
|
||
|
|
@@ -250,10 +250,10 @@ Migrating Using a V2+V3 or V3-Only Backup | |
|
|
||
| .. code:: sh | ||
| git checkout 2.6.1 | ||
| git checkout 2.7.0 | ||
| .. important:: | ||
| If you see the warning ``refname '2.6.1' is ambiguous`` in the | ||
| If you see the warning ``refname '2.7.0' is ambiguous`` in the | ||
| output, we recommend that you contact us immediately at | ||
| [email protected] | ||
| (`GPG encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__). | ||
|
|
@@ -472,7 +472,7 @@ source accounts, and journalist accounts. To do so, follow the steps below: | |
| cd ~/Persistent/securedrop/ | ||
| git fetch --tags | ||
| git tag -v 2.6.1 | ||
| git tag -v 2.7.0 | ||
| The output should include the following two lines: | ||
|
|
||
|
|
@@ -491,11 +491,11 @@ source accounts, and journalist accounts. To do so, follow the steps below: | |
|
|
||
| .. code:: sh | ||
| git checkout 2.6.1 | ||
| git checkout 2.7.0 | ||
| .. important:: | ||
| If you see the warning ``refname '2.6.1' is ambiguous`` in the | ||
| If you see the warning ``refname '2.7.0' is ambiguous`` in the | ||
| output, we recommend that you contact us immediately at | ||
| [email protected] (`GPG encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__). | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -24,7 +24,7 @@ update by running the following commands: :: | |
| git fetch --tags | ||
| gpg --keyserver hkps://keys.openpgp.org --recv-key \ | ||
| "2359 E653 8C06 13E6 5295 5E6C 188E DD3B 7B22 E6A3" | ||
| git tag -v 2.6.1 | ||
| git tag -v 2.7.0 | ||
|
|
||
| The output should include the following two lines: :: | ||
|
|
||
|
|
@@ -37,9 +37,9 @@ on the screen of your workstation. A warning that the key is not certified | |
| is normal and expected. If the output includes the lines above, you can check | ||
| out the new release: :: | ||
|
|
||
| git checkout 2.6.1 | ||
| git checkout 2.7.0 | ||
|
|
||
| .. important:: If you do see the warning "refname '2.6.1' is ambiguous" in the | ||
| .. important:: If you do see the warning "refname '2.7.0' is ambiguous" in the | ||
| output, we recommend that you contact us immediately at [email protected] | ||
| (`GPG encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__). | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,3 @@ | ||
| .. _latest_upgrade_guide: | ||
|
|
||
| Upgrade from 2.6.0 to 2.6.1 | ||
| =========================== | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,110 @@ | ||
| .. _latest_upgrade_guide: | ||
|
|
||
| Upgrade from 2.6.1 to 2.7.0 | ||
| =========================== | ||
|
|
||
| .. note:: | ||
|
|
||
| This release will remove support for Submission Public Keys with legacy | ||
| SHA-1-based binding signatures. The SecureDrop Journalist Interface | ||
| will not start when the instance has been configured with such a key, | ||
| and the Source Interface will state that the instance is temporarily | ||
| offline. If you have set up SecureDrop according to our documentation, | ||
| you are not using such keys; no SecureDrop instances known to us are | ||
| affected by this change. | ||
|
|
||
| If you are unsure if you will be affected by this change, you can | ||
| reach out to us for support. Our recommended course of action is to | ||
| check your Submission Public Key, available at the /public-key | ||
| endpoint of your SecureDrop Source Interface onion url, using the | ||
| ``sq-keyring-linter`` program, which is available by default on your | ||
| Admin Workstation starting with Tails version 5.19. | ||
| If your key contains insecure SHA-1-based signatures, we suggest | ||
| creating a new Submission Keypair according to our documentation. | ||
| You should not delete the old key from your Secure Viewing Station, | ||
| so that you can still decrypt old submissions. We are happy to | ||
| assist you with this process. As a reminder, all key material should | ||
| be generated on an air-gapped machine, and should never reside on a | ||
| network-connected device. | ||
|
|
||
| For more detailed information about why keys with SHA-1 signatures are | ||
| insecure, see https://sequoia-pgp.org/blog/2023/02/01/202302-happy-sha1-day/. | ||
|
|
||
| Update Servers to SecureDrop 2.7.0 | ||
| ---------------------------------- | ||
| Servers running Ubuntu 20.04 will be updated to the latest version of SecureDrop | ||
| automatically within 24 hours of the release. | ||
|
|
||
| Update Workstations to SecureDrop 2.7.0 | ||
| --------------------------------------- | ||
|
|
||
| Updating Tails and replacing short passphrases | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
| Before upgrading your Workstations to SecureDrop 2.7.0, we | ||
| strongly recommend that you first upgrade to Tails 5.19. | ||
|
|
||
| Using the graphical updater | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| .. note:: | ||
|
|
||
| If you encounter errors with the graphical updater, perform a | ||
| manual update. This will ensure that you have imported the new | ||
| `SecureDrop release signing key <https://media.securedrop.org/media/documents/signing-key-transition.txt>`_. | ||
|
|
||
| On the next boot of your SecureDrop *Journalist* and *Admin Workstations*, | ||
| the *SecureDrop Workstation Updater* will alert you to workstation updates. You | ||
| must have `configured an administrator password <https://tails.boum.org/doc/first_steps/welcome_screen/administration_password/>`_ | ||
| on the Tails welcome screen in order to use the graphical updater. | ||
|
|
||
| Perform the update to 2.7.0 by clicking "Update Now": | ||
|
|
||
| .. image:: ../images/securedrop-updater.png | ||
|
|
||
| Performing a manual update | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
| If the graphical updater fails and you want to perform a manual update instead, | ||
| first delete the graphical updater's temporary flag file, if it exists (the | ||
| ``.`` before ``securedrop`` is not a typo): :: | ||
|
|
||
| rm ~/Persistent/.securedrop/securedrop_update.flag | ||
|
|
||
| This will prevent the graphical updater from attempting to re-apply the failed | ||
| update and has no bearing on future updates. You can now perform a manual | ||
| update by running the following commands: :: | ||
|
|
||
| cd ~/Persistent/securedrop | ||
| git fetch --tags | ||
| gpg --keyserver hkps://keys.openpgp.org --recv-key \ | ||
| "2359 E653 8C06 13E6 5295 5E6C 188E DD3B 7B22 E6A3" | ||
| git tag -v 2.7.0 | ||
|
|
||
| The output should include the following two lines: :: | ||
|
|
||
| gpg: using RSA key 2359E6538C0613E652955E6C188EDD3B7B22E6A3 | ||
| gpg: Good signature from "SecureDrop Release Signing Key <[email protected]>" [unknown] | ||
|
|
||
|
|
||
| Please verify that each character of the fingerprint above matches what is | ||
| on the screen of your workstation. A warning that the key is not certified | ||
| is normal and expected. If the output includes the lines above, you can check | ||
| out the new release: :: | ||
|
|
||
| git checkout 2.7.0 | ||
|
|
||
| .. important:: If you do see the warning "refname '2.7.0' is ambiguous" in the | ||
| output, we recommend that you contact us immediately at [email protected] | ||
| (`GPG encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__). | ||
|
|
||
| Finally, run the following commands: :: | ||
|
|
||
| ./securedrop-admin setup | ||
| ./securedrop-admin tailsconfig | ||
|
|
||
| Getting Support | ||
| --------------- | ||
|
|
||
| Should you require further support with your SecureDrop installation, we are | ||
| happy to help! | ||
|
|
||
| .. include:: ../includes/getting-support.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| [tool.poetry] | ||
| name = "securedrop-docs" | ||
| version = "2.6.1" | ||
| version = "2.7.0" | ||
| description = "SecureDrop documentation for journalists, sources and administrators" | ||
| authors = ["SecureDrop team <[email protected]>"] | ||
| readme = "README.md" | ||
|
|
||