8.2.5_syslog-ng_remote_host.sh 8.2.6_remote_syslog-ng_acl.sh 8.3.1_install_tripwire.sh

This commit is contained in:
thibault.dewailly
2016-04-14 22:47:34 +02:00
parent f0bff32503
commit d373b6f937
10 changed files with 184 additions and 12 deletions

20
bin/postinstall/tripwire.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
#
# CIS Debian 7 Hardening
#
# If you followed this CIS hardenning, this script follows 8.3.1_install_tripwire.sh
# After installing tripwire, you may want to run those few commented commands to make it fully functionnal
echo "Generating Site key file..."
twadmin -m G -S /etc/tripwire/site.key # Generates Site key file
echo "Generating Local key file..."
twadmin -m G -S /etc/tripwire/$(hostname -f)-local.key # Generate local key file
echo "Generating encrypted policy..."
twadmin -m P /etc/tripwire/twpol.txt # Apply new policy with generated site key file
echo "Generating Local database with newly created key..."
/usr/sbin/twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt # Init database with generated local key file
echo "Testing tripwire database update"
tripwire -m i # Test configuration update
~