Re: [OT] Tripwire passphrase

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2004-12-13 at 10:42, Aleksandar Milivojevic wrote:
> Scot L. Harris wrote:
> > I believe the only thing you can do is establish a new site and local
> > key file with a new passphrase.  In the past I have just created a new
> > local and site key then re-initialized the database.  I believe you can
> > still look at the old reports that were generated.  
> 
> Thanks.  I was affraid that will be the only solution :-(

It's not that bad.  Remember the passphrase is not used as a password,
it is a key that is used to sign the database, config,  and policy
files.  It does not take that much effort to initialize the database or
sign the config and policy files when you want to change the keys.  

And it is a good thing to change the keys occasionally.  

Probably the hardest thing about using tripwire is getting the policy
setup correctly the first time.  The default policy is pretty bad since
it usually includes many files that are not installed on a typical
system and the rules in place for the root account and for log files
require much adjustment.  


-- 
Scot L. Harris
webid@xxxxxxxxxx

Bo Derek ruined my life! 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux