srlog2 Secure Remote Log Transmission System Bruce Guenter <bruce@untroubled.org> Version 0.80 2007-08-07 This is srlog2, a secure remote log transmission system. A mailing list has been set up to discuss this and other packages. To subscribe, send an email to: bgware-subscribe@lists.untroubled.org A mailing list archive is available at: http://lists.untroubled.org/?list=bgware Development versions of srlog2 are available via Subversion at: svn://bruce-guenter.dyndns.org/srlog2/trunk Requirements: - bglibs version 1.041 or later - libtomcrypt version 1.03 or later - nistp224 library version 0.75 or later Installation: - Make sure the latest version of bglibs from http://untroubled.org/bglibs/ is compiled and installed. - Build the sources by running "make" - After the package has been compiled, run "make install" as root. Configuration: On the senders: - Create host keys in /etc/srlog2: srlog2-keygen -t nistp224 /etc/srlog2 srlog2-keygen -t curve25519 /etc/srlog2 - Copy all the public keys generated for the receiver into /etc/srlog2/servers/host.name.of.receiver.net On the receiver: - Generate local host keys: srlog2-keygen -t nistp224 . srlog2-keygen -t curve25519 . cat nistp224 curve25519 >secrets - Copy one or both of the public keys generated above into "senders" as: short-name:copy-of-/etc/srlog2/nistp224.pub short-name:copy-of-/etc/srlog2/curve25519.pub - OR copy one or both of the public keys generated above into "services" as: short-name:service:copy-of-/etc/srlog2/nistp224.pub short-name:service:copy-of-/etc/srlog2/curve25519.pub (Note: curve25519 only works on 32-bit x86 systems at the moment) Operation: - For each service, instead of running "multilog t" as the log manager, run something like "srlog2 service host.name.of.receiver.net" - srlog2 understands multilog's filter syntax (+pattern -pattern etc). - On the receiver, add a srlog2d service as follows: #!/bin/bash cd /where/you/put/the/config/files exec srlog2d srlog2-logger Make sure you either use the --mkdirs option to srlog2-logger or create all the directories you want to write logs into in advance. Security Notes: - The srlog2 program creates two files in the current directory, "buffer" and "sequence". If you wish to run srlog2 as non-root, you will need to precreate those files and make sure srlog2 has permission to write to them. - The srlog2 program needs read access to the secret keys in /etc/srlog2, but nothing else should be allowed to read them. - Similarly, the srlog2d program needs read access to the secret keys in its "secrets" file, but nothing else should be allowed to read them. - None of the srlog2 receiver components (srlog2d or srlog2-logger) need to run as root. - srlog2d neither creates nor writes any files. This project was initiated at FutureQuest, Inc. We are releasing it as an open-source project because we felt it would be useful to others, as well as to repay our debt of gratitude to the larger open-source community for the excellent packages we have enjoyed. For more details, you may contact FutureQuest, Inc. at: FutureQuest, Inc. PO BOX 623127 Oviedo FL 32762-3127 USA http://www.FutureQuest.net/ ossi@FutureQuest.net This package is Copyright(C) 2007 Bruce Guenter or FutureQuest, Inc., and may be copied according to the GNU GENERAL PUBLIC LICENSE (GPL) Version 2 or a later version. A copy of this license is included with this package. This package comes with no warranty of any kind.
Name Modification Time Size
Parent Directory 2008-02-23 23:36 - ANNOUNCEMENT 2007-08-07 08:53 4k NEWS 2007-08-07 08:53 2k TODO 2007-08-07 08:53 610 archive 2007-08-07 08:55 - design.html 2007-08-07 08:53 32k fc1 2007-08-07 08:55 - fc2 2007-08-07 08:55 - rh6 2007-08-07 08:55 - rh7 2007-08-07 08:55 - srlog2-0.80-2.src.rpm 2007-08-07 08:53 94k srlog2-0.80.tar.gz 2007-08-07 08:50 91k srlog2-0.80.tar.gz.sig 2007-08-07 08:50 189 srlog2-keygen.1.html 2007-08-07 08:53 942 srlog2-logger.1.html 2007-08-07 08:53 1k srlog2.1.html 2007-08-07 08:53 2k srlog2.html 2007-08-07 08:53 2k srlog2d.1.html 2007-08-07 08:53 2k srlog2q.1.html 2007-08-07 08:53 789
RPM File: srlog2-0.80-2.src.rpm
Name : srlog2 Relocations: (not relocateable) Version : 0.80 Vendor: (none) Release : 2 Build Date: Tue Aug 7 08:51:42 2007 Group : Utilities/System Source RPM: (none) Size : 94436 License: GPL Packager : Bruce Guenter <bruce@untroubled.org> URL : http://untroubled.org/srlog2/ Summary : Secure Remote Log transmission system Description : Secure Remote Log transmission system Requires : bglibs >= 1.041 libtomcrypt-devel nistp224 rpmlib(CompressedFileNames) <= 3.0.4-1