Red Hat Linux 7.3: The Official Red Hat Linux Reference Guide | ||
---|---|---|
Prev | Chapter 12. Installing and Configuring Tripwire | Next |
Tripwire files are signed or encrypted using site and local keys, which protect the configuration, policy, database, and report files from being viewed or altered except by users who know the site and/or local passphrases. This means that, even if an intruder can obtain root access to your system, they will not be able to alter the Tripwire files to hide their tracks unless they also know the passphrases. When selecting passphrases, you must use at least eight alphanumeric and symbolic characters for each passphrase. The maximum length of a passphrase is 1023 characters. Quotes should not be used as passphrase characters. Also, make sure that your passphrases are completely different from the root password for the system.
You should assign unique passphrases for both the site key and the local key. The site key passphrase protects the site key, which is used to sign Tripwire configuration and policy files. The local key signs Tripwire database and report files.
Caution | |
---|---|
Store the passphrases in a secure location. There is no way to decrypt a signed file if you forget your passphrase. If you forget the passphrases, the files are unusable and you will have to run the configuration script again, which also reinitializes the Tripwire database. |