Merge branch 'stretch' of https://github.com/bashrc/freedombone

src/freedombone-controlpanel

@@ -1780,8 +1780,8 @@ function show_firewall {
     echo $"Firewall Settings"
     echo ''
     while read -r line; do
-        firewall_name=$(awk "$line" -F '=' '{print $1}')
-        firewall_port=$(awk "$line" -F '=' '{print $2}')
+        firewall_name=$(echo "$line" | awk -F '=' '{print $1}')
+        firewall_port=$(echo "$line" | awk -F '=' '{print $2}')
         echo -n -e "$(pad_string "${firewall_name}")"
         echo "${firewall_port}"
     done < "$FIREWALL_CONFIG"
@@ -1881,29 +1881,25 @@ function email_smtp_proxy {
 function menu_backup_restore {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Backup and Restore" \
-               --radiolist $"Choose an operation:" 19 70 12 \
-               1 $"Backup data to USB drive" off \
-               2 $"Restore GPG key from USB keydrive" off \
-               3 $"Restore data from USB drive" off \
-               4 $"Reinstall mariadb" off \
-               5 $"Configure remote backups" off \
-               6 $"Restore from remote backup" off \
-               7 $"Backup GPG key to USB (master keydrive)" off \
-               8 $"Backup GPG key to USB (fragment keydrive)" off \
-               9 $"Format a USB drive (LUKS encrypted)" off \
-               10 $"Remove backups from a USB drive" off \
-               11 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Backup data to USB drive"
+           2 $"Restore GPG key from USB keydrive"
+           3 $"Restore data from USB drive"
+           4 $"Reinstall mariadb"
+           5 $"Configure remote backups"
+           6 $"Restore from remote backup"
+           7 $"Backup GPG key to USB (master keydrive)"
+           8 $"Backup GPG key to USB (fragment keydrive)"
+           9 $"Format a USB drive (LUKS encrypted)"
+           10 $"Remove backups from a USB drive")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Backup and Restore" --menu $"Choose an operation, or ESC for main menu:" 19 70 12 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+           break
+        fi
+
+        case $selection in
             1) backup_data;;
             2) restore_gpg_key;;
             3) restore_data;;
@@ -1914,36 +1910,29 @@ function menu_backup_restore {
             8) create_keydrive_fragment;;
             9) format_drive;;
             10) remove_backups;;
-            11) rm -f "$data"
-                break;;
         esac
-        rm -f "$data"
     done
 }
 
 function menu_email {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Email Menu" \
-               --radiolist $"Choose an operation:" 15 70 8 \
-               1 $"Add a user to a mailing list" off \
-               2 $"Remove a user from a mailing list" off \
-               3 $"Add an email rule" off \
-               4 $"Block/Unblock an email address" off \
-               5 $"Block/Unblock email with subject text" off \
-               6 $"Outgoing Email Proxy" off \
-               7 $"Extra email domains" off \
-               8 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Add a user to a mailing list"
+           2 $"Remove a user from a mailing list"
+           3 $"Add an email rule"
+           4 $"Block/Unblock an email address"
+           5 $"Block/Unblock email with subject text"
+           6 $"Outgoing Email Proxy"
+           7 $"Extra email domains")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Email Menu" --menu $"Choose an operation, or ESC for main menu:" 15 70 8 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+           break
+        fi
+
+        case $selection in
             1) add_to_mailing_list;;
             2) remove_user_from_mailing_list;;
             3) email_rule;;
@@ -1951,10 +1940,7 @@ function menu_email {
             5) block_unblock_subject;;
             6) email_smtp_proxy;;
             7) email_extra_domains;;
-            8) rm -f "$data"
-               break;;
         esac
-        rm -f "$data"
     done
 }
 
@@ -2073,66 +2059,52 @@ function domain_blocking_show {
 function domain_blocking {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Domain or User Blocking" \
-               --radiolist $"Choose an operation:" 14 60 6 \
-               1 $"Block a domain or user" off \
-               2 $"Unblock a domain or user" off \
-               3 $"Block an IP address" off \
-               4 $"Unblock an IP address" off \
-               5 $"Show blocked domains and users" off \
-               6 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Block a domain or user"
+           2 $"Unblock a domain or user"
+           3 $"Block an IP address"
+           4 $"Unblock an IP address"
+           5 $"Show blocked domains and users")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Domain or User Blocking" --menu $"Choose an operation, or ESC for main menu:" 13 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+           break
+        fi
+
+        case $selection in
             1) domain_blocking_add;;
             2) domain_blocking_remove;;
             3) ip_blocking_add;;
             4) ip_blocking_remove;;
             5) domain_blocking_show;;
-            6) rm -f "$data"
-               break;;
         esac
-        rm -f "$data"
     done
 }
 
 function menu_users {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Manage Users" \
-               --radiolist $"Choose an operation:" 13 70 6 \
-               1 $"Add a user" off \
-               2 $"Delete a user" off \
-               3 $"Change user password" off \
-               4 $"Change user ssh public key" off \
-               5 $"Reset password tries" off \
-               6 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Add a user"
+           2 $"Delete a user"
+           3 $"Change user password"
+           4 $"Change user ssh public key"
+           5 $"Reset password tries")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Manage Users" --menu $"Choose an operation, or ESC for main menu:" 13 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+
+        case $selection in
             1) add_user;;
             2) delete_user;;
             3) change_password;;
             4) change_ssh_public_key;;
             5) reset_password_tries;;
-            6) rm -f "$data"
-               break;;
         esac
-        rm -f "$data"
     done
 }
 
@@ -2202,31 +2174,24 @@ function menu_wifi {
             fi
         fi
 
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Wifi Menu" \
-               --radiolist $"${status_str}\\n\\nChoose an operation:" 14 70 6 \
-               1 $"Enable or disable Wifi" off \
-               2 $"Configure wifi networks" off \
-               3 $"Manually edit wifi networks file" off \
-               4 $"Hotspot settings" off \
-               5 $"Exit" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Enable or disable Wifi"
+           2 $"Configure wifi networks"
+           3 $"Manually edit wifi networks file"
+           4 $"Hotspot settings")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Wifi Menu" --menu $"${status_str}\\n\\nChoose an operation, or ESC for main menu:" 14 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+
+        case $selection in
             1) wifi_enable;;
             2) wifi_settings;;
             3) wifi_edit_networks;;
             4) hotspot_settings;;
-            5) rm -f "$data"
-               break;;
         esac
-        rm -f "$data"
     done
 }
 
@@ -2275,41 +2240,38 @@ function menu_app_settings {
 function menu_top_level {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone Control Panel" \
-               --title $"Control Panel" \
-               --radiolist $"Choose an operation:" 30 70 22 \
-               1 $"About this system" off \
-               2 $"Passwords" off \
-               3 $"Backup and Restore" off \
-               4 $"Show Firewall" off \
-               5 $"Verify Tripwire Code" off \
-               6 $"Reset Tripwire" off \
-               7 $"App Settings" off \
-               8 $"Add/Remove Apps" off \
-               9 $"Logging on/off" off \
-               10 $"Ping enable/disable" off \
-               11 $"Manage Users" off \
-               12 $"Email Menu" off \
-               13 $"Domain or User Blocking" off \
-               14 $"Security Settings" off \
-               15 $"Change the name of this system" off \
-               16 $"Set a static local IP address" off \
-               17 $"Wifi menu" off \
-               18 $"Add Clacks" off \
-               19 $"Check for updates" off \
-               20 $"Power off the system" off \
-               21 $"Restart the system" off \
-               22 $"Exit" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               exit 1;;
-            255) rm -f "$data"
-                 exit 1;;
-        esac
+        W=(1 $"About this system"
+           2 $"Passwords"
+           3 $"Backup and Restore"
+           4 $"Show Firewall"
+           5 $"Verify Tripwire Code"
+           6 $"Reset Tripwire"
+           7 $"App Settings"
+           8 $"Add/Remove Apps"
+           9 $"Logging on/off"
+           10 $"Ping enable/disable"
+           11 $"Manage Users"
+           12 $"Email Menu"
+           13 $"Domain or User Blocking"
+           14 $"Security Settings"
+           15 $"Change the name of this system"
+           16 $"Set a static local IP address"
+           17 $"Wifi menu"
+           18 $"Add Clacks"
+           19 $"Check for updates"
+           20 $"Power off the system"
+           21 $"Restart the system")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Administrator Control Panel" --menu $"Choose an operation, or ESC to exit:" 28 60 28 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+
         please_wait
-        case $(cat "$data") in
+
+        case $selection in
             1) show_about;;
             2) view_or_change_passwords;;
             3) menu_backup_restore;;
@@ -2335,10 +2297,7 @@ function menu_top_level {
             19) check_for_updates;;
             20) shut_down_system;;
             21) restart_system;;
-            22) rm -f "$data"
-                break;;
         esac
-        rm -f "$data"
     done
 }
 

src/freedombone-controlpanel-user

@@ -283,34 +283,25 @@ function gpg_set_trust {
     fpr=$(gpg --with-colons --fingerprint "$TRUST_ADDRESS" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
     if [ ${#fpr} -gt 2 ]; then
 
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone User Control Panel" \
-               --title $"Trust a PGP/GPG key or website domain" \
-               --radiolist $"Set the trust level for $TRUST_ADDRESS:" 18 70 10 \
-               1 $"I don't know or won't say" off \
-               2 $"I do NOT trust" off \
-               3 $"I trust marginally" on \
-               4 $"I trust fully" off \
-               5 $"I trust ultimately" off 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               return;;
-            255) rm -f "$data"
-                 return;;
-        esac
-        TRUST_LEVEL=$(cat "$data")
-        if [ "${TRUST_LEVEL}" -ge 1 ] ; then
-            if [ "${TRUST_LEVEL}" -le 5 ] ; then
-                if echo -e "trust\\n${TRUST_LEVEL}\\ny\\nsave\\n" | gpg --command-fd 0 --edit-key "$fpr"; then
-                    gpg --update-trustdb
-                    dialog --title $"Trust a PGP/GPG key or website domain" \
-                           --backtitle $"Freedombone User Control Panel" \
-                           --msgbox $"$TRUST_ADDRESS was set to trust level ${TRUST_LEVEL}" 6 50
-                fi
-            fi
+        W=(1 $"I don't know or won't say"
+           2 $"I do NOT trust"
+           3 $"I trust marginally"
+           4 $"I trust fully"
+           5 $"I trust ultimately")
+
+        # shellcheck disable=SC2068
+        TRUST_LEVEL=$(dialog --backtitle $"Freedombone User Control Panel" --title $"Trust a PGP/GPG key or website domain" --menu $"Set the trust level for $TRUST_ADDRESS:" 18 70 10 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$TRUST_LEVEL" ]; then
+            return;
+        fi
+
+        if echo -e "trust\\n${TRUST_LEVEL}\\ny\\nsave\\n" | gpg --command-fd 0 --edit-key "$fpr"; then
+            gpg --update-trustdb
+            dialog --title $"Trust a PGP/GPG key or website domain" \
+                   --backtitle $"Freedombone User Control Panel" \
+                   --msgbox $"$TRUST_ADDRESS was set to trust level ${TRUST_LEVEL}" 6 50
         fi
-        rm -f "$data"
     fi
 }
 
@@ -732,29 +723,25 @@ function gpg_key_trust {
 function menu_encryption_keys {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone User Control Panel" \
-               --title $"My Encryption Keys" \
-               --radiolist $"Choose an operation:" 19 70 11 \
-               1 $"Show your PGP/GPG key" off \
-               2 $"Show your full PGP/GPG key, including private key" off \
-               3 $"Publish your PGP/GPG key so that others can find it" off \
-               4 $"Add someone's PGP/GPG key" off \
-               5 $"Remove someone's PGP/GPG key" off \
-               6 $"Sign a PGP/GPG key or website domain" off \
-               7 $"Refresh your PGP/GPG keys" off \
-               8 $"Add an ssh key for logging in" off \
-               9 $"Remove an ssh key for logging in" off \
-               10 $"Set the trust level for a PGP/GPG key" off \
-               11 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Show your PGP/GPG key"
+           2 $"Show your full PGP/GPG key, including private key"
+           3 $"Publish your PGP/GPG key so that others can find it"
+           4 $"Add someone's PGP/GPG key"
+           5 $"Remove someone's PGP/GPG key"
+           6 $"Sign a PGP/GPG key or website domain"
+           7 $"Refresh your PGP/GPG keys"
+           8 $"Add an ssh key for logging in"
+           9 $"Remove an ssh key for logging in"
+           10 $"Set the trust level for a PGP/GPG key")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"My Encryption Keys" --menu $"Choose an operation, or ESC for main menu:" 19 70 11 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+
+        case $selection in
             1) show_gpg_key;;
             2) show_full_gpg_key;;
             3) publish_gpg_key;;
@@ -765,45 +752,35 @@ function menu_encryption_keys {
             8) add_ssh_key;;
             9) remove_ssh_key;;
             10) gpg_key_trust;;
-            11) rm -f "$data"
-                break;;
         esac
-        rm -f "$data"
     done
 }
 
 function menu_email {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone User Control Panel" \
-               --title $"Change Email Filtering Rules" \
-               --radiolist $"Choose an operation:" 14 70 7 \
-               1 $"Add yourself to a mailing list" off \
-               2 $"Remove yourself from a mailing list" off \
-               3 $"Add an email rule for an address" off \
-               4 $"Add an email rule for a subject" off \
-               5 $"Block or unblock an email address" off \
-               6 $"Block or unblock email with subject text" off \
-               7 $"Back to main menu" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               break;;
-            255) rm -f "$data"
-                 break;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Add yourself to a mailing list"
+           2 $"Remove yourself from a mailing list"
+           3 $"Add an email rule for an address"
+           4 $"Add an email rule for a subject"
+           5 $"Block or unblock an email address"
+           6 $"Block or unblock email with subject text")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"Change Email Filtering Rules" --menu $"Choose an operation, or ESC for main menu:" 14 70 7 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+
+        case $selection in
             1) add_to_mailing_list;;
             2) remove_user_from_mailing_list;;
             3) email_rule_address;;
             4) email_rule_subject;;
             5) block_unblock_email;;
             6) block_unblock_subject;;
-            7) rm -f "$data"
-               break;;
         esac
-        rm -f "$data"
     done
 }
 
@@ -899,28 +876,24 @@ function show_your_email_address {
 function menu_top_level {
     while true
     do
-        data=$(mktemp 2>/dev/null)
-        dialog --backtitle $"Freedombone User Control Panel" \
-               --title $"User Control Panel" \
-               --radiolist $"Choose an operation:" 20 60 13 \
-               1 $"Use Email" off \
-               2 $"Show your Email Address" off \
-               3 $"Change Email Filtering/Blocking Rules" off \
-               4 $"Run an App" off \
-               5 $"Browse the Web" off \
-               6 $"My Encryption Keys" off \
-               7 $"Set an outgoing email proxy" off \
-               8 $"Administrator controls" off \
-               9 $"Exit to the command line" off \
-               10 $"Log out" on 2> "$data"
-        sel=$?
-        case $sel in
-            1) rm -f "$data"
-               exit 1;;
-            255) rm -f "$data"
-                 exit 1;;
-        esac
-        case $(cat "$data") in
+        W=(1 $"Use Email"
+           2 $"Show your Email Address"
+           3 $"Change Email Filtering/Blocking Rules"
+           4 $"Run an App"
+           5 $"Browse the Web"
+           6 $"My Encryption Keys"
+           7 $"Set an outgoing email proxy"
+           8 $"Administrator controls"
+           9 $"Exit to the command line")
+
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"User Control Panel" --menu $"Choose an operation, or ESC to log out:" 20 60 13 "${W[@]}" 3>&2 2>&1 1>&3)
+        if [ ! "$selection" ]; then
+            kill -HUP "$(pgrep -s 0 -o)"
+            break
+        fi
+
+        case $selection in
             1) mutt;;
             2) show_your_email_address;;
             3) menu_email;;
@@ -929,11 +902,8 @@ function menu_top_level {
             6) menu_encryption_keys;;
             7) smtp_proxy;;
             8) menu_admin;;
-            9) rm -f "$data"
-               break;;
-            10) kill -HUP "$(pgrep -s 0 -o)";;
+            9) break;;
         esac
-        rm -f "$data"
     done
 }
 

src/freedombone-sec

@@ -924,86 +924,66 @@ function remove_tor_bridge_relay {
 }
 
 function menu_tor_bridges {
-    data=$(mktemp 2>/dev/null)
-    dialog --backtitle $"Freedombone Control Panel" \
-           --title $"Tor Bridges" \
-           --radiolist $"Choose an operation:" 14 50 6 \
-           1 $"Show bridges" off \
-           2 $"Add a bridge" off \
-           3 $"Remove a bridge" off \
-           4 $"Make this system into a bridge" off \
-           5 $"Stop being a bridge" off \
-           6 $"Go Back/Exit" on 2> "$data"
-    sel=$?
-    case $sel in
-        1) rm -f "$data"
-           exit 1;;
-        255) rm -f "$data"
-             exit 1;;
-    esac
+    W=(1 $"Show bridges"
+       2 $"Add a bridge"
+       3 $"Remove a bridge"
+       4 $"Make this system into a bridge"
+       5 $"Stop being a bridge")
 
-    case $(cat "$data") in
+    # shellcheck disable=SC2068
+    selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Security Settings" --menu $"Choose an operation, or ESC to go back:" 14 50 6 "${W[@]}" 3>&2 2>&1 1>&3)
+
+    if [ ! "$selection" ]; then
+        exit 0
+    fi
+
+    case $selection in
         1)
             show_tor_bridges
-            rm -f "$data"
             exit 0
             ;;
         2)
             add_tor_bridge
-            rm -f "$data"
             exit 0
             ;;
         3)
             remove_tor_bridge
-            rm -f "$data"
             exit 0
             ;;
         4)
             add_tor_bridge_relay
-            rm -f "$data"
             exit 0
             ;;
         5)
             remove_tor_bridge_relay
-            rm -f "$data"
-            exit 0
-            ;;
-        6)
-            rm -f "$data"
             exit 0
             ;;
     esac
-    rm -f "$data"
 }
 
 function menu_security_settings {
-    data=$(mktemp 2>/dev/null)
-    dialog --backtitle $"Freedombone Control Panel" \
-           --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 23 76 23 \
-           1 $"Run STIG tests" off \
-           2 $"Fix STIG test failures" off \
-           3 $"Show ssh host public key" off \
-           4 $"Tor bridges" off \
-           5 $"Password storage" off \
-           6 $"Export passwords" off \
-           7 $"Regenerate ssh host keys" off \
-           8 $"Regenerate Diffie-Hellman keys" off \
-           9 $"Update cipersuite" off \
-           10 $"Create a new Let's Encrypt certificate" off \
-           11 $"Renew Let's Encrypt certificate" off \
-           12 $"Delete a Let's Encrypt certificate" off \
-           13 $"Enable GPG based authentication (monkeysphere)" off \
-           14 $"Register a website with monkeysphere" off \
-           15 $"Allow ssh login with passwords" off \
-           16 $"Go Back/Exit" on 2> "$data"
-    sel=$?
-    case $sel in
-        1) rm -f "$data"
-           exit 1;;
-        255) rm -f "$data"
-             exit 1;;
-    esac
+    W=(1 $"Run STIG tests"
+       2 $"Fix STIG test failures"
+       3 $"Show ssh host public key"
+       4 $"Tor bridges"
+       5 $"Password storage"
+       6 $"Export passwords"
+       7 $"Regenerate ssh host keys"
+       8 $"Regenerate Diffie-Hellman keys"
+       9 $"Update cipersuite"
+       10 $"Create a new Let's Encrypt certificate"
+       11 $"Renew Let's Encrypt certificate"
+       12 $"Delete a Let's Encrypt certificate"
+       13 $"Enable GPG based authentication (monkeysphere)"
+       14 $"Register a website with monkeysphere"
+       15 $"Allow ssh login with passwords")
+
+    # shellcheck disable=SC2068
+    selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Security Settings" --menu $"Choose an operation, or ESC to exit:" 23 76 23 "${W[@]}" 3>&2 2>&1 1>&3)
+
+    if [ ! "$selection" ]; then
+        exit 0
+    fi
 
     clear
 
@@ -1019,13 +999,12 @@ function menu_security_settings {
     import_settings
     export_settings
 
-    case $(cat "$data") in
+    case $selection in
         1)
             clear
             echo $'Running STIG tests...'
             echo ''
             ${PROJECT_NAME}-tests --stig showall
-            rm -f "$data"
             exit 0
             ;;
         2)
@@ -1034,28 +1013,23 @@ function menu_security_settings {
             echo ''
             ${PROJECT_NAME}-tests --stig fix
             echo $'Fixes applied. You will need to run the STIG tests again to be sure that they were all fixed.'
-            rm -f "$data"
             exit 0
             ;;
         3)
             dialog --title $"SSH host public keys" \
-                   --msgbox "\n$(get_ssh_server_key)" 12 60
-            rm -f "$data"
+                   --msgbox "\\n$(get_ssh_server_key)" 12 60
             exit 0
             ;;
         4)
             menu_tor_bridges
-            rm -f "$data"
             exit 0
             ;;
         5)
             store_passwords
-            rm -f "$data"
             exit 0
             ;;
         6)
             export_passwords
-            rm -f "$data"
             exit 0
             ;;
         7)
@@ -1086,15 +1060,9 @@ function menu_security_settings {
         15)
             allow_ssh_passwords
             change_ssh_settings
-            rm -f "$data"
-            exit 0
-            ;;
-        16)
-            rm -f "$data"
             exit 0
             ;;
     esac
-    rm -f "$data"
 
     change_website_settings
     change_imap_settings