author Nathan Kinkade <nkinkade@creativecommons.org> 2014-05-23 09:59:46 -0400
committer Nathan Kinkade <nkinkade@creativecommons.org> 2014-05-23 09:59:46 -0400
commit d8a455efd41afdbefe6065e48df90ee2fb636dcb
tree 4c83e0196bcc3e20672c9b8accbc672a48ccd734 /README
Initial commit.
Diffstat (limited to 'README')
-rw-r--r-- README 10
1 files changed, 10 insertions, 0 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..4f9a0ff
--- /dev/null
+++ b/README
@@ -0,0 +1,10 @@
+These are a couple of scripts used to manage the digital signing of AIDE
+databases. The script check_sign_aide.sh is installed on one central server,
+where the various signatures will be managed and stored. The script uses SSH
+to login to each remote server using public-key authentication. Because these
+operations need to happen as root on each remote machine, root's
+authorized_keys file on each remote machine should have a forced command
+something like the following for the key of the central server handling the
+signing:
+
+command="/root/bin/check_sign_aide_wrapper.sh",no-port-forwarding,no-X11-forwarding,no-pty,from="server.example.com"
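Review bot: The example authorized_keys entry on the last added line stops after from="server.example.com" and restricts port forwarding, X11 forwarding and pty allocation but not agent forwarding. Since this key logs in as root, add no-agent-forwarding to the option list, and show a placeholder for the key type and public key after the options so it is clear they prefix the central server's key rather than standing alone. The text also says "a couple of scripts" but describes only check_sign_aide.sh; check_sign_aide_wrapper.sh appears only inside the forced command, so add a sentence on what the wrapper does on the remote machine and whether it reads SSH_ORIGINAL_COMMAND, which is what someone auditing what this key can run as root will need to know.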