2016-04-14 22:47:34 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
#
|
2019-02-06 15:19:14 +01:00
|
|
|
# CIS Debian Hardening
|
2016-04-14 22:47:34 +02:00
|
|
|
#
|
|
|
|
|
|
2016-04-20 14:36:55 +02:00
|
|
|
# If you followed this CIS hardening, this script follows 8.3.1_install_tripwire.sh
|
2019-03-12 09:58:35 +01:00
|
|
|
# After installing tripwire, you may want to run those few commented commands to make it fully functionnal
|
2016-04-14 22:47:34 +02:00
|
|
|
|
|
|
|
|
echo "Generating Site key file..."
|
|
|
|
|
twadmin -m G -S /etc/tripwire/site.key # Generates Site key file
|
|
|
|
|
echo "Generating Local key file..."
|
2019-03-12 09:58:35 +01:00
|
|
|
twadmin -m G -S /etc/tripwire/$(hostname -f)-local.key # Generate local key file
|
2016-04-14 22:47:34 +02:00
|
|
|
echo "Generating encrypted policy..."
|
|
|
|
|
twadmin -m P /etc/tripwire/twpol.txt # Apply new policy with generated site key file
|
|
|
|
|
echo "Generating Local database with newly created key..."
|
2019-03-12 09:58:35 +01:00
|
|
|
/usr/sbin/twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt # Init database with generated local key file
|
2016-04-14 22:47:34 +02:00
|
|
|
echo "Testing tripwire database update"
|
2019-03-12 09:58:35 +01:00
|
|
|
tripwire -m i # Test configuration update
|
