Tripwire files are signed or encrypted using
site and local keys, which protect the configuration, policy, database,
and report files from being viewed or altered except by users who know
the site and/or local passphrases. This means that, even if an intruder
can obtain root access to your system, they will not be able to alter
the Tripwire files to hide their tracks unless
they also know the passphrases. When selecting passphrases, you must use
at least eight alphanumeric and symbolic characters for each
passphrase. The maximum length of a passphrase is 1023 characters. Quotes
should not be used as passphrase characters. Also, make sure that your
passphrases are completely different from the root password for the
system.
You should assign unique passphrases for both the site key and the local
key. The site key passphrase protects the site key, which is used to
sign Tripwire configuration and policy
files. The local key signs Tripwire database
and report files.
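A small checker for the passphrase rules described above (minimum eight characters, maximum 1023, no quote characters, site and local passphrases distinct and both different from the root password). It is an added example, not part of Tripwire or the original documentation; the "printable ASCII" character set and the substring comparison against the root password are assumptions made here to implement "alphanumeric and symbolic" and "completely different".

```python
PASSPHRASE_MIN = 8      # minimum length stated in the documentation
PASSPHRASE_MAX = 1023   # maximum length stated in the documentation
FORBIDDEN = {'"', "'"}  # quotes must not appear in a passphrase


def passphrase_problems(name, passphrase):
    """Return the list of policy violations for one passphrase (empty if it passes)."""
    problems = []
    if len(passphrase) < PASSPHRASE_MIN:
        problems.append(f"{name}: shorter than {PASSPHRASE_MIN} characters")
    if len(passphrase) > PASSPHRASE_MAX:
        problems.append(f"{name}: longer than {PASSPHRASE_MAX} characters")
    if any(c in FORBIDDEN for c in passphrase):
        problems.append(f"{name}: contains a quote character")
    # Assumption: "alphanumeric and symbolic" is taken as printable ASCII.
    odd = sorted({c for c in passphrase if not 32 <= ord(c) <= 126})
    if odd:
        problems.append(f"{name}: contains non-printable or non-ASCII characters {odd!r}")
    return problems


def check_tripwire_passphrases(site, local, root_password):
    """Check the site and local passphrases together, plus their relation to the root password."""
    problems = passphrase_problems("site", site) + passphrase_problems("local", local)
    if site == local:
        problems.append("site and local passphrases must differ")
    for name, pp in (("site", site), ("local", local)):
        # Assumption: a passphrase that equals or contains the root password
        # (case-insensitively), or is contained in it, is not "completely different".
        a, b = pp.lower(), root_password.lower()
        if a == b or a in b or b in a:
            problems.append(f"{name}: not completely different from the root password")
    return problems


if __name__ == "__main__":
    # Constructed sample values; never reuse real passphrases in test code.
    for p in check_tripwire_passphrases("Tw1-site#pass", "Tw1-site#pass", "r00tpassword"):
        print(p)
```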
| Caution |
|---|
| Store the passphrases in a secure location. There is no way to decrypt a signed file if you forget your passphrase. If you forget the passphrases, the files are unusable and you will have to run the configuration script again, which also reinitializes the Tripwire database. |