Hi, On Mon, Nov 25, 2024 at 02:06:21PM +0000, Django BOfH wrote: > In my search for alternatives, I stumbled across AIDE. As far as I > could see so far, AIDE does not offer the option of signing the > database created when determining the actual status of a host in order > to ensure, for example, that the reference data with which the actual > status is later compared has been manipulated. Or have I not > understood something? Or, alternatively, how can you ensure that the > database used as a reference during the check has not been > manipulated?
Support for signed databases is tracked in GitHub issue #7 [github] and planned for a future release (≥ 0.20). For now you can detect a tampered database by comparing the checksums of the databases that are displayed in the report (as long as the AIDE binary and linked libraries have not changed). Best regards Hannes [github] https://github.com/aide/aide/issues/7 _______________________________________________ Aide mailing list [email protected] https://www.ipi.fi/mailman/listinfo/aide
