2. Installation

make install will gpg sign the configuration file before installation.

      bash$ ./configure --with-gpg=/usr/bin/gpg \
      --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C
      bash$ make
      bash$ su
      bash$ make install
      bash$ samhain -t init
      bash$ gpg -a --clearsign /var/lib/samhain/samhain_file
      bash$ mv /var/lib/samhain/samhain_file.asc \
      /var/lib/samhain/samhain_file
    

samhain will report the signature key owner and the key fingerprint as obtained from gpg . If both files are present and checked (i.e. when checking files against the database), both must be signed with the same key. If the verification is successful, samhain will only report the signature on the configuration file. If the verification fails, or the key for the configuration file is different from that of the database file, an error message will result.