-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a03d422
commit 65af40c
Showing
2 changed files
with
10 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -31,12 +31,11 @@ the destination address can be [email protected]. | |
|
|
||
| What you need: | ||
|
|
||
| - The *OSSEC Alert Public Key* | ||
| - The fingerprint of the key used when encrypting OSSEC alerts | ||
| - The *OSSEC Alert Public Key* and its fingerprint | ||
| - The email address that will receive alerts from OSSEC | ||
| - The reachable hostname of your SMTP relay | ||
| - The secure SMTP port of your SMTP relay | ||
| (typically 25, 587, or 465. must support TLS encryption) | ||
| (typically 25, 587, or 465; must support TLS encryption) | ||
| - An email username to authenticate to the SMTP relay | ||
| - The domain name of the email used to send OSSEC alerts | ||
| - The password of the email used to send OSSEC alerts | ||
|
|
@@ -56,8 +55,11 @@ solutions should be able to meet those requirements. | |
|
|
||
| These values must be set in the | ||
| :ref:`configuration playbook<configure_securedrop>` by running the | ||
| ``securedrop-admin sdconfig`` command, which will prompt for each of the | ||
| items listed above. | ||
| ``./securedrop-admin sdconfig`` command, which will prompt for each of the | ||
| items listed above. Please note, this command updates the configuration, | ||
| but does not apply it to the servers. Any time you make changes to | ||
| the configuration it is necessary to deploy them with the | ||
| ``./securedrop-admin install`` command. | ||
|
|
||
| If you don't know what value to enter for one of these, please ask your | ||
| organization's email admin for the full configuration before | ||
|
|
@@ -82,7 +84,7 @@ although we've described some common scenarios in the | |
|
|
||
| If you have your *OSSEC Alert Public Key* public key handy, copy it to | ||
| ``install_files/ansible-base`` and then specify the filename, e.g. | ||
| ``ossec.pub``, when prompted by ``securedrop-admin sdconfig``. | ||
| ``ossec.pub``, when prompted by ``./securedrop-admin sdconfig``. | ||
|
|
||
| If you don't have your GPG key ready, you can run GnuPG on the command line in | ||
| order to find, import, and export your public key. It's best to copy the key | ||
|
|
||