Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SLOGKEY(1)		    The	slogkey	manual page		    SLOGKEY(1)

NAME
       slogkey - Manage	cryptographic keys for use with	syslog-ng secure
       logging

SYNOPSIS
       slogkey [options] [arguments]

DESCRIPTION
       The slogkey utility is used to manage cryptographic keys	for use	with
       the secure logging module of syslog-ng. Use this	utility	to create a
       master key, derive a host key to	be used	by a secure logging
       configuration and to display the	current	sequence counter of a key. The
       options determine the operating mode and	are mutually exclusive.

ARGUMENTS
       The arguments depend on the operating mode.

       Master key generation
	   Call	sequence: slogkey --master-a,+-ey <filename>

	   <filename>: The name	of the file to which the master	key will be
	   written.

       Host key	derivation
	   Call	sequence: slogkey --derive-key <master key file> <host MAC
	   address> <host serial number> <host key file>

	   <master key file>: The master key from which	the host key will be
	   derived.

	   <host MAC address>: The MAC address of the host on which the	key
	   will	be used. Instead of the	MAC address, any other string that
	   uniquely identifies a host can be supplied, e.g. the	company
	   inventory number.

	   <host serial	number>: The serial number of the host on which	the
	   key will be used. Instead of	the serial number, any other string
	   that	uniquely identifies a host can be supplied, e.g. the company
	   inventory number.

	   <host key file>: The	name of	the file to which the host key will be
	   written.

	   NOTE: The newly created host	key has	its counter set	to 0
	   indicating that it represents the initial host key k0. This host
	   key must be kept secret and not be disclosed	to third parties. It
	   will	be required to successfully decrypt and	verify log archives
	   processed by	the secure logging environment.	As each	log entry will
	   be encrypted	with its own key, a new	host key will be created after
	   successful processing of a log entry	and will replace the previous
	   key.	Therefore, the initial host key	needs to be stored in a	safe
	   place before	starting the secure logging environment, as it will be
	   deleted from	the log	host after processing of the first log entry.

       Sequence	counter	display
	   Call	sequence: slogkey --counter <host key file>

	   <host key file>: The	host key file from which the sequence will be
	   read.

OPTIONS
       --master-key or -m
	   Generates a mew master key. <filename> is the name of the file
	   storing the newly generated master key.

       --derive-key or -d
	   Derive a host key using a previously	generated master key.

       --counter or -c
	   Display the current log sequence counter of a key.

       --help or -h
	   Display a help message.

FILES
       /usr/bin/slogkey

       /etc/syslog-ng.conf

SEE ALSO
       syslog-ng.conf(5)

       secure-logging(7)

	   Note
	   For the detailed documentation of see The syslog-ng Administrator
	   Guide[1]

	   If you experience any problems or need help with syslog-ng, visit
	   the syslog-ng mailing list[2].

	   For news and	notifications about of syslog-ng, visit	the syslog-ng
	   blogs[3].

	   For specific	information requests related to	secure logging send a
	   mail	to the Airbus Secure Logging Team <secure-logging@airbus.com>.

AUTHOR
       This manual page	was written by the Airbus Secure Logging Team
       <secure-logging@airbus.com>.

COPYRIGHT
NOTES
	1. The syslog-ng Administrator Guide
	   https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html

	2. syslog-ng mailing list
	   https://lists.balabit.hu/mailman/listinfo/syslog-ng

	3. syslog-ng blogs
	   https://syslog-ng.org/blogs/

3.28				  06/22/2020			    SLOGKEY(1)

NAME | SYNOPSIS | DESCRIPTION | ARGUMENTS | OPTIONS | FILES | SEE ALSO | AUTHOR | COPYRIGHT | NOTES

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=slogkey&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help