GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SLOGKEY(1) The slogkey manual page SLOGKEY(1)

slogkey - Manage cryptographic keys for use with syslog-ng secure logging

slogkey [options] [arguments]

The slogkey utility is used to manage cryptographic keys for use with the secure logging module of syslog-ng. Use this utility to create a master key, derive a host key to be used by a secure logging configuration and to display the current sequence counter of a key. The options determine the operating mode and are mutually exclusive.

The arguments depend on the operating mode.

Master key generation

Call sequence: slogkey --master-ḱey <filename>

<filename>: The name of the file to which the master key will be written.

Host key derivation

Call sequence: slogkey --derive-key <master key file> <host MAC address> <host serial number> <host key file>

<master key file>: The master key from which the host key will be derived.

<host MAC address>: The MAC address of the host on which the key will be used. Instead of the MAC address, any other string that uniquely identifies a host can be supplied, e.g. the company inventory number.

<host serial number>: The serial number of the host on which the key will be used. Instead of the serial number, any other string that uniquely identifies a host can be supplied, e.g. the company inventory number.

<host key file>: The name of the file to which the host key will be written.

NOTE: The newly created host key has its counter set to 0 indicating that it represents the initial host key k0. This host key must be kept secret and not be disclosed to third parties. It will be required to successfully decrypt and verify log archives processed by the secure logging environment. As each log entry will be encrypted with its own key, a new host key will be created after successful processing of a log entry and will replace the previous key. Therefore, the initial host key needs to be stored in a safe place before starting the secure logging environment, as it will be deleted from the log host after processing of the first log entry.

Sequence counter display

Call sequence: slogkey --counter <host key file>

<host key file>: The host key file from which the sequence will be read.

--master-key or -m
Generates a mew master key. <filename> is the name of the file storing the newly generated master key.

--derive-key or -d

Derive a host key using a previously generated master key.

--counter or -c

Display the current log sequence counter of a key.

--help or -h

Display a help message.

/usr/bin/slogkey

/etc/syslog-ng.conf

syslog-ng.conf(5)

secure-logging(7)


Note

For the detailed documentation of see The syslog-ng Administrator Guide[1]

If you experience any problems or need help with syslog-ng, visit the syslog-ng mailing list[2].

For news and notifications about of syslog-ng, visit the syslog-ng blogs[3].

For specific information requests related to secure logging send a mail to the Airbus Secure Logging Team <secure-logging@airbus.com>.

This manual page was written by the Airbus Secure Logging Team <secure-logging@airbus.com>.

1.
The syslog-ng Administrator Guide
https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html
2.
syslog-ng mailing list
https://lists.balabit.hu/mailman/listinfo/syslog-ng
3.
syslog-ng blogs
https://syslog-ng.org/blogs/
03/04/2022 3.36

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.