I have finally gotten around to configuring the Tripwire setup on my Debian installation, after having it bleat at me for the last 3 years! I found details on http://articles.techrepublic.com.com/5100-10877_11-6034353.html which pointed me in the correct direction. My installation is Debian based, so it fitted the “no twinstall.sh” case shown most closely.
I have had to tweak what the linked article says slightly, to make it work. I have also included the output that I saw, so you should know that you are in the correct place when you run the command (my principle is that sample output gives you the warm feeling that things are going well).
First we should generate the site key:
twadmin --generate-keys -S site.key
(When selecting a passphrase, keep in mind that good passphrases typically have upper and lower case letters, digits and punctuation marks, and are at least 8 characters in length.)
Enter the site keyfile passphrase:
Verify the site keyfile passphrase:
Generating key (this may take several minutes)...
Key generation complete.
Then generated the local key:
twadmin --generate-keys -L ${HOSTNAME}-local.key
(When selecting a passphrase, keep in mind that good passphrases typically have upper and lower case letters, digits and punctuation marks, and are at least 8 characters in length.)
Enter the local keyfile passphrase:
Verify the local keyfile passphrase:
Generating key (this may take several minutes)...
Key generation complete.
Then had to edit the config template, before generating the configuration file:
twadmin --create-cfgfile --cfgfile tw.cfg --site-keyfile site.key twcfg.txt
Please enter your site passphrase:
Wrote configuration file: /etc/tripwire/tw.cfg
Then generated the policy file:
twadmin --create-polfile --cfgfile tw.cfg --site-keyfile site.key twpol.txt
Please enter your site passphrase:
Wrote policy file: /etc/tripwire/tw.pol
Set file permissions:
chown root:root site.key $HOSTNAME-local.key tw.cfg tw.pol
chmod 600 site.key $HOSTNAME-local.key tw.cfg tw.pol
Finally, initialized the database:
tripwire --init
Please enter your local passphrase:
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
*** Processing Unix File System ***
### Warning: File system error.
### Filename: /var/lib/tripwire/.twd
### No such file or directory
### Continuing...
Wrote database file: /var/lib/tripwire/.twd
The database was successfully generated.
Then deleted the source files:
rm twcfg.txt twpol.txt
Haven’t run it for very long, so might update this if I have problems.
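Added example (not part of the original post): a shell check of the state the steps above leave behind, namely the two key files, tw.cfg and tw.pol owned by root with mode 600, and the plaintext twcfg.txt and twpol.txt removed. The function name audit_tripwire_dir and the output labels are hypothetical, and GNU stat (as shipped on Debian) is assumed.

```shell
#!/usr/bin/env bash
# Added example: audit the files the walkthrough creates and removes.
# audit_tripwire_dir is a hypothetical helper, not part of Tripwire.
# Assumes GNU stat (coreutils), as on Debian.
#
# audit_tripwire_dir DIR HOST [OWNER]
#   DIR    directory holding the keys and signed files (/etc/tripwire in the post)
#   HOST   hostname used in the local key file name
#   OWNER  expected owner, root by default
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_tripwire_dir() {
    local dir="$1" host="$2" owner="${3:-root}"
    local rc=0 f path mode user

    # The four files that were chown'ed to root and chmod'ed to 600.
    for f in site.key "${host}-local.key" tw.cfg tw.pol; do
        path="$dir/$f"
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        mode=$(stat -c '%a' "$path")
        user=$(stat -c '%U' "$path")
        if [ "$mode" != "600" ]; then
            echo "BAD-MODE $path is $mode, expected 600"; rc=1
        fi
        if [ "$user" != "$owner" ]; then
            echo "BAD-OWNER $path is $user, expected $owner"; rc=1
        fi
    done

    # The plaintext sources should be gone once the signed files exist.
    for f in twcfg.txt twpol.txt; do
        if [ -e "$dir/$f" ]; then
            echo "PLAINTEXT $dir/$f still present"; rc=1
        fi
    done

    if [ "$rc" -eq 0 ]; then echo "OK $dir"; fi
    return "$rc"
}

# Runs only when a directory and hostname are given on the command line,
# e.g. (as root):  bash audit.sh /etc/tripwire "$HOSTNAME"
if [ "$#" -ge 2 ]; then
    audit_tripwire_dir "$@"
fi
```
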