I'm having trouble verifying that signed reports ar actually being signed. I run the command:
tripwire --check --signed-report --email-report
it asks for the local passphrase, and generates the report. The problem is that I can find no indication that the report has actually been signed, either in the email generated, or in the saved report file. Is there something I'm missing, or is this just the way it works?
You could use twadmin to 'examine' the report:
./twadmin -m e ../report/<reportname>.twr
This will show you that the report is signed with Asymmetric Encryption, and that the local.key will decrypt the file.
Realistically, there's not much benefit to signing the reports - they're encoded already, and signing just makes them tamper-proof at the cost of extra cpu usage and disk space.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.