Node: Encrypted Reports, Next: Generating Reports on a Separate Host, Previous: OS Configuration, Up: Installation and Configuration
Bro can use GPG (http://www.gnupg.org/) to encrypt the reports that it sends. To have Bro encrypt your reports you must have said "yes" to the bro_config question to encrypt your reports. Then each email recipient much generate a public/private key pair, and their public key must be installed on the Bro machine in the home directory of the user running the Bro process.
To create a key-pair:
gpg --gen-key
To export the public key:
gpg --armor --output mykey.gpg --export myemail@address.com
Then login to the machine running Bro and import the list of public keys:
gpg --import mykey.gpg
Then you must to make the list of keys "trusted" so that they can be used to encrypt the email reports. To do this, you must edit the key to add "ultimate" trust to the key.
gpg --edit-key myemail@address.com pub 1024D/4A872E40 created: 2001-02-05 expires: never trust: -/f sub 3072g/B72DD7FE created: 2001-02-05 expires: never (1). Some R. User <myemaill@address.com> Command> trust pub 1024D/4A872E40 created: 2001-02-05 expires: never trust: -/f sub 3072g/B72DD7FE created: 2001-02-05 expires: never (1). Some R. User <myemail@address.com> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources...)? 1 = Don't know 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? yes pub 1024D/4A872E40 created: 2001-02-05 expires: never trust: u/u sub 3072g/B72DD7FE created: 2001-02-05 expires: never (1). Some R. User <myemail@address.com> Command> quit
For more information on GPG see http://www.gnupg.org/