On Mon, 2004-12-13 at 10:42, Aleksandar Milivojevic wrote: > Scot L. Harris wrote: > > I believe the only thing you can do is establish a new site and local > > key file with a new passphrase. In the past I have just created a new > > local and site key then re-initialized the database. I believe you can > > still look at the old reports that were generated. > > Thanks. I was affraid that will be the only solution :-( It's not that bad. Remember the passphrase is not used as a password, it is a key that is used to sign the database, config, and policy files. It does not take that much effort to initialize the database or sign the config and policy files when you want to change the keys. And it is a good thing to change the keys occasionally. Probably the hardest thing about using tripwire is getting the policy setup correctly the first time. The default policy is pretty bad since it usually includes many files that are not installed on a typical system and the rules in place for the root account and for log files require much adjustment. -- Scot L. Harris webid@xxxxxxxxxx Bo Derek ruined my life!
