diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -0,0 +1,10 @@ +These are a couple of scripts used to manage the digital signing of AIDE +databases. The script check_sign_aide.sh is installed on one central server, +where the various signatures will be managed and stored. The script uses SSH +to login to each remote server using public-key authentication. Because these +operations need to happen as root on each remote machine, root's +authorized_keys file on each remote machine should have a forced command +something like the following for the key of the central server handling the +signing: + +command="/root/bin/check_sign_aide_wrapper.sh",no-port-forwarding,no-X11-forwarding,no-pty,from="server.example.com" |