Re: aide, apt-get and remote management...

[Adam ENDRODI <borso@vekoll.saturnus.vein.hu>]

On Fri, Dec 12, 2003 at 07:46:38AM +0100, Lupe Christoph wrote:
> 
> We don't use AIDE exclusively at a client site, but in combination
> with Tripwire.  We think tripwire is a little more secure becuse it
> uses signed databases.

Perhaps the following ./configure options will prove themselves
useful:
--with-confighmactype=TYPE    Hash type to use for checking config.
                              Valid values are md5 and sha1.
--with-confighmackey=KEY HMAC hash key to use for checking config.
                              Must be a base64 encoded byte stream.
                              Maximum string length is 31 chars.
--with-dbhmactype=TYPE        Hash type to use for checking db.
                              Valid values are md5 and sha1.
--with-dbhmackey=KEY          HMAC hash key to use for checking db.
                              Must be a base64 encoded byte stream.
                              Maximum string lentgth is 31 chars.
--enable-forced_configmd      Forces the config to have checksum.
                              Also disables --config-check
--enable-forced_dbmd          Forces the file/pipe database's to have checksum.
                              This will be the default in the next release.

bit,
adam

-- 
Am I a cleric?     | 1024D/37B8D989
Or maybe a sinner? | 954B 998A E5F5 BA2A 3622
Unbeliever?        | 82DD 54C2 843D 37B8 D989
Renegade?          | http://sks.dnsalias.net