Annvix: Tools/AIDE gpg

From Annvix

AIDE+gpg

The Annvix AIDE package was bundled with wrapper/frontend scripts to provide authenticity features to the AIDE database similar to what Tripwire has. Since these scripts are useful for others who do not or did not use Annvix, the scripts are being made available as AIDE+gpg. The package comes with a manpage (aideinit(8)), a script to initialize the database (aideinit), a script to check the database (aidecheck, meant to be run daily via cron), and a script to update the database (aideupdate).

History

In January of 2006, before AIDE could be considered a functional replacement for Annvix, the AIDE+gpg frontend was written and has been used in Annvix since. In April 2008, the AIDE package provided by Mandriva Linux was updated to use AIDE+gpg.

Features

AIDE+gpg provides a mechanism to provide detached GPG signatures to the AIDE database, typically /var/lib/aide/aide.db. The AIDE+gpg scripts always verify the detached signature before calling aide to operate on or check the system. If the detached signature check fails, the authenticity of the database has been compromised and should not be trusted.

The aideinit(8) script creates the initial AIDE database and also generates a specific GPG private/public keypair as root with which to sign and verify the database. The key userid is aide@(hostname). As a result, these scripts must be run as root, either directly or via sudo.

The aidecheck script checks the database by first verifying the GPG signature of the database and if it passes, will execute aide in check mode. If the signature is missing, aidecheck refuses to run and exits with return code 1. If the GPG signature check fails, it exits with return code 1. The aidecheck script is meant to be run via cron daily, or manually.

The aideupdate script updates the database. It will first create a compressed copy of the old database named aide-(hostname)-(date).db.gz, then verifies the GPG signature, runs aide in update mode, and then prompts the user for the GPG passphrase to sign the database.

Download

The current version of AIDE+gpg is 1.0 and can be downloaded as aide+gpg-1.0.tar.bz2.

Retrieved from "http://annvix.org/Tools/AIDE_gpg"

Personal tools

Search

Toolbox

From Annvix

History

Features

Download

Views

Home Recent changes Donations Page Index About Annvix Project Goals Development Team News Developer's Blog Resources User Guide Documentation Release Notes Changelog Mailing Lists Download Annvix Development Tools View Subversion CIA Project Page Ohloh Project Page Search Toolbox What links here Related changes Upload file Special pages Printable version	/Tools/AIDE gpg From Annvix AIDE+gpg The Annvix AIDE package was bundled with wrapper/frontend scripts to provide authenticity features to the AIDE database similar to what Tripwire has. Since these scripts are useful for others who do not or did not use Annvix, the scripts are being made available as AIDE+gpg. The package comes with a manpage (aideinit(8)), a script to initialize the database (aideinit), a script to check the database (aidecheck, meant to be run daily via cron), and a script to update the database (aideupdate). History In January of 2006, before AIDE could be considered a functional replacement for Annvix, the AIDE+gpg frontend was written and has been used in Annvix since. In April 2008, the AIDE package provided by Mandriva Linux was updated to use AIDE+gpg. Features AIDE+gpg provides a mechanism to provide detached GPG signatures to the AIDE database, typically /var/lib/aide/aide.db. The AIDE+gpg scripts always verify the detached signature before calling aide to operate on or check the system. If the detached signature check fails, the authenticity of the database has been compromised and should not be trusted. The aideinit(8) script creates the initial AIDE database and also generates a specific GPG private/public keypair as root with which to sign and verify the database. The key userid is aide@(hostname). As a result, these scripts must be run as root, either directly or via sudo. The aidecheck script checks the database by first verifying the GPG signature of the database and if it passes, will execute aide in check mode. If the signature is missing, aidecheck refuses to run and exits with return code 1. If the GPG signature check fails, it exits with return code 1. The aidecheck script is meant to be run via cron daily, or manually. The aideupdate script updates the database. It will first create a compressed copy of the old database named aide-(hostname)-(date).db.gz, then verifies the GPG signature, runs aide in update mode, and then prompts the user for the GPG passphrase to sign the database. Download The current version of AIDE+gpg is 1.0 and can be downloaded as aide+gpg-1.0.tar.bz2. Retrieved from "http://annvix.org/Tools/AIDE_gpg"
	Views Page Discussion View source History This page was last modified 08:20, 7 May 2008. About Annvix Disclaimers Sponsors: Mortgage - Car Insurance - Flights - Cheap Flights