2. Installation

2. Installation
Prev	Chapter 9. Additional Features — Signed Configuration/Database Files	Next

2. Installation

make install will sign the configuration file before installation.

      bash$ ./configure --with-gpg=/usr/bin/gpg \
      --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C
      bash$ make
      bash$ su
      bash$ make install
      bash$ samhain -t init
      bash$ gpg -a --clearsign /var/lib/samhain/samhain_file
      bash$ mv /var/lib/samhain/samhain_file.asc \
      /var/lib/samhain/samhain_file

samhain will report the signature key owner and the key fingerprint as obtained from gpg . If both files are present and checked (i.e. when checking files against the database), both must be signed with the same key. If the verification is successful, samhain will only report the signature on the configuration file. If the verification fails, or the key for the configuration file is different from that of the database file, an error message will result.

Prev	Up	Next
Chapter 9. Additional Features — Signed Configuration/Database Files	Home	3. The samhainadmin script