[Aide] Configure aide for /boot only verification on encrypted root system
service at remekmotorok.com
service at remekmotorok.com
Fri Jan 25 18:56:46 EET 2008
Configure aide for /boot only verification on encrypted root system
The standard installation defaults to:
/usr/local/bin/aide
/usr/local/etc/aide.conf
/usr/local/etc/aide.db
Since these are under the encrypted /root, they are reasonably safe most
of the time.
However, anyone with access to the unencrypted /boot can sneak in a key
logger, or other malicious code that in some very remote case could
disable aide.
(Unattended laptops in this case)
The preferred solution to this is to have aide compile and install to ~/
aide, aide.conf and aide.db all in the same directory (where ever that
directory might reside).
In this case, they can all be kept safe on a USB key or other removable
device.
As a second and more advanced step, that then gives me the option to
boot with any live CD, mount the /boot partition and
run aide --compare from the USB device.
I have tried various options of --prefix= and other --= commands, but so
far I have found no combination to get the above.
Any suggestions for the ./configure prefix to get the result of
everything in one ~/ directory?
If that is not possible, can someone point me to a place in the source,
to hard code in what I need?
Many thanks,
Mr. Mizzen
P.S.
The GPG key on source forge is expired
More information about the Aide
mailing list