Encrypted Reports

Bro can use GPG (http://www.gnupg.org/) to encrypt the reports that it sends. To have Bro encrypt your reports, you must have answered "yes" to the bro_config question about encrypting reports. Each email recipient must then generate a public/private key pair, and their public key must be installed on the Bro machine in the home directory of the user running the Bro process.

To create a key-pair:

     gpg --gen-key
     

To export the public key:

     gpg --armor --output mykey.gpg --export myemail@address.com
     

Then log in to the machine running Bro and import the list of public keys:

     gpg --import mykey.gpg
     

Then you must make the imported keys "trusted" so that they can be used to encrypt the email reports. To do this, edit each key and give it "ultimate" trust.

     gpg --edit-key myemail@address.com
     
     pub  1024D/4A872E40  created: 2001-02-05 expires: never      trust: -/f
     sub  3072g/B72DD7FE  created: 2001-02-05 expires: never
     (1). Some R. User <myemail@address.com>
     
     Command> trust
     pub  1024D/4A872E40  created: 2001-02-05 expires: never      trust: -/f
     sub  3072g/B72DD7FE  created: 2001-02-05 expires: never
     (1). Some R. User <myemail@address.com>
     
     Please decide how far you trust this user to correctly
     verify other users' keys (by looking at passports,
     checking fingerprints from different sources...)?
     
      1 = Don't know
      2 = I do NOT trust
      3 = I trust marginally
      4 = I trust fully
      5 = I trust ultimately
      m = back to the main menu
     
     Your decision? 5
     Do you really want to set this key to ultimate trust? yes
     
     pub  1024D/4A872E40  created: 2001-02-05 expires: never      trust: u/u
     sub  3072g/B72DD7FE  created: 2001-02-05 expires: never
     (1). Some R. User <myemail@address.com>
     
     Command> quit
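
A non-interactive variant of the trust step, as an added example that is not part of the original Bro documentation: it prints the line that `gpg --import-ownertrust` expects only when the imported key's fingerprint matches one the recipient gave you out of band. The function names and the sample listing are constructed for illustration, and a v4 key (40 hex digit fingerprint) is assumed.

```shell
#!/bin/sh
# Added example, not from the Bro documentation. Reads the output of
#   gpg --with-colons --fingerprint myemail@address.com
# on stdin and prints an ownertrust line only if the fingerprint matches.
# Typical use (EXPECTED_FPR obtained from the recipient out of band):
#   gpg --with-colons --fingerprint myemail@address.com \
#     | ownertrust_line "$EXPECTED_FPR" | gpg --import-ownertrust

# Primary-key fingerprint: field 10 of the first "fpr" record.
primary_fpr() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Strip spaces and upper-case, so a fingerprint pasted from mail compares equal.
norm_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'
}

# ownertrust_line EXPECTED_FPR   (key listing on stdin)
# Returns 0 and prints "<fpr>:6:" on a match (6 means "ultimate" in the
# ownertrust format), 1 on mismatch, 2 if EXPECTED_FPR is malformed.
ownertrust_line() {
    expected=$(norm_fpr "$1")
    case "$expected" in
        ''|*[!0-9A-F]*) echo "expected fingerprint is not hex" >&2; return 2 ;;
    esac
    if [ "${#expected}" -ne 40 ]; then
        echo "need the full 40-digit fingerprint, not a key ID" >&2
        return 2
    fi
    actual=$(primary_fpr)
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch: keyring has ${actual:-no key}" >&2
        return 1
    fi
    printf '%s:6:\n' "$actual"
}

# Constructed sample listing. Only the trailing 4A872E40 comes from the
# transcript above; the rest of the fingerprint is made up.
SAMPLE_LISTING='pub:-:1024:17:666677774A872E40:981331200:::-:::scESC:
fpr:::::::::000011112222333344445555666677774A872E40:
uid:-::::981331200::::Some R. User <myemail@address.com>:
sub:-:3072:16:AAAABBBBB72DD7FE:981331200::::::e:'
```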
     
     

For more information on GPG see http://www.gnupg.org/