netbsd man page for veriexecgen

Query: veriexecgen

OS: netbsd

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

VERIEXECGEN(8)						    BSD System Manager's Manual 					    VERIEXECGEN(8)

NAME
veriexecgen -- generate fingerprints for Veriexec
SYNOPSIS
veriexecgen [-AaDrSTvW] [-d dir] [-o fingerprintdb] [-p prefix] [-t algorithm] veriexecgen [-h]
DESCRIPTION
veriexecgen can be used to create a fingerprint database for use with Veriexec. If no command line arguments were specified, veriexecgen will resort to default operation, implying -D -o /etc/signatures -t sha256. If the output file already exists, veriexecgen will save a backup copy in the same file only with a ``.old'' suffix. The following options are available: -A Append to the output file, don't overwrite it. -a Add fingerprints for non-executable files as well. -D Search system directories, /bin, /sbin, /usr/bin, /usr/sbin, /lib, /usr/lib, /libexec, and /usr/libexec. -d dir Scan for files in dir. Multiple uses of this flag can specify more than one directory. -h Display the help screen. -o fingerprintdb Save the generated fingerprint database to fingerprintdb. -p prefix When storing files in the fingerprint database, store the full pathnames of files with the leading ``prefix'' of the filenames removed. -r Scan recursively. -S Set the immutable flag on the created signatures file when done writing it. -T Put a timestamp on the generated file. -t algorithm Use algorithm for the fingerprints. Must be one of ``md5'', ``sha1'', ``sha256'', ``sha384'', ``sha512'', or ``rmd160''. -v Verbose mode. Print messages describing what operations are being done. -W By default, veriexecgen will exit when an error condition is encountered. This option will treat errors such as not being able to follow a symbolic link, not being able to find the real path for a directory entry, or not being able to calculate a hash of an entry as a warning, rather than an error. If errors are treated as warnings, veriexecgen will continue processing. The default behaviour is to treat errors as fatal.
FILES
/etc/signatures
EXAMPLES
Fingerprint files in the common system directories using the default hashing algorithm ``sha256'' and save to the default fingerprint data- base in /etc/signatures: # veriexecgen Fingerprint files in /etc, appending to the default fingerprint database: # veriexecgen -A -d /etc Fingerprint files in /path/to/somewhere using ``rmd160'' as the hashing algorithm, saving to /etc/somewhere.fp: # veriexecgen -d /path/to/somewhere -t rmd160 -o /etc/somewhere.fp
SEE ALSO
veriexec(4), veriexec(5), security(7), veriexec(8), veriexecctl(8)
BSD
February 18, 2008 BSD
Related Man Pages
sha512(1) - freebsd
veriexec(9) - netbsd
veriexec(5) - netbsd
veriexecgen(8) - netbsd
net::dns::rr::sshfp5.18(3) - mojave
Similar Topics in the Unix Linux Community
Fingerprint GUI 0.6 (Default branch)
Fingerprint GUI 0.7 (Default branch)
Fingerprint GUI 0.8 (Default branch)
Fingerprint GUI 0.9 (Default branch)
Accept fingerprint automaticaly secureCRT