From d8a455efd41afdbefe6065e48df90ee2fb636dcb Mon Sep 17 00:00:00 2001
From: Nathan Kinkade <nkinkade@creativecommons.org>
Date: Fri, 23 May 2014 09:59:46 -0400
Subject: Initial commit.

---
 README | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 README

(limited to 'README')

diff --git a/README b/README
new file mode 100644
index 0000000..4f9a0ff
--- /dev/null
+++ b/README
@@ -0,0 +1,10 @@
+These are a couple of scripts used to manage the digital signing of AIDE
+databases.  The script check_sign_aide.sh is installed on one central server,
+where the various signatures will be managed and stored.  The script uses SSH
+to login to each remote server using public-key authentication.  Because these
+operations need to happen as root on each remote machine, root's
+authorized_keys file on each remote machine should have a forced command
+something like the following for the key of the central server handling the
+signing:
+
+command="/root/bin/check_sign_aide_wrapper.sh",no-port-forwarding,no-X11-forwarding,no-pty,from="server.example.com"
-- 
cgit v1.2.3