OSSEC PGP

 
Before you install any package from our project, we recommend that you verify it using our PGP key. Follow these two steps if you are not used to pgp (using gpg).

You first need to import our public key:

ossec-test# wget http://www.ossec.net/files/OSSEC-GPG-KEY.asc
ossec-test# gpg --import OSSEC-GPG-KEY.asc

And then verify each file against its signature:

ossec-test# gpg --verify file.sig file

You should get the following result:

gpg: Signature made Sun Aug 31 13:01:02 2008 ADT using RSA key ID 6B30327E
gpg: Good signature from "Daniel B. Cid (Ossec development) ”
Primary key fingerprint: 86C6 D33B C52E 19BF DDAE  57EB 4E57 14E2 6B30 327E

*Note that the key expiration date was changed lately. If you get an warning saying “gpg: Note: This key has expired!”, make sure to update the key and run the “import” command again (as specified above).

 

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.2.2 (OpenBSD)

mQILBETFKlYBEADVR+vYD0nG27jHs+IRGslpmAXsCZ5FSgnFfmEr1vwfaZzRYqwu
jbKJ8sTtmXft5NppuFDUyX89ntAf8LJEpZJcUCWtjqHuL71VfQg+8DHlk+cvyLgX
HGCF6xk41gtEl0JhLY1rBSNwSv9XaUOGWKrOr+bklSU1j66oqiehm6KB/zu7FK/e
Kt+tlcaqW5ZEE7hBWuNyeUR5q4OqWrZZJ0zRwONmTLlpFDp0uNajGJvhKcZnRQCY
O6jMf6U4FUfG//nzhJJBkWACgVfn4xp3rnhH8ZDSg6KdV8R8+VieQ3tT+R+yeUR8
sCD+L+3NpYhZLXdnpXvhnh1LWGVts0/JwqHANw+kxXKCVqIoyp/lJ1ArraS/Mjqk
qkAHZlancpKFnkSgIsT7D52BNDRz+zLva8ZyFHpgP3VCSYvlGq0xNA2J1Fb5hoyT
8AxofCmGP0L0hbmXTDDwwdTSYsErkv0XF0RdMzdG/uoZqjPkYxhq7UBP52fjKkev
dBgdDPkTkUaj7Vdg3t7px+Mis2ASV0TKVmUqxP/lGAf5PKq072dahd5KRr6bKOUv
FKOfjQlx+8OnSWqr5/cZ526TfE0LzPDTzAwqJnItWbf6hUqPgAzThFchjyMRohK5
+GMrXKhka90coRyzvVzlZe7kJe24bbehG5QwMDq9JEPdJQcV4ZxpC92hKQAGKbQy
RGFuaWVsIEIuIENpZCAoT3NzZWMgZGV2ZWxvcG1lbnQpIDxkY2lkQG9zc2VjLm5l
dD6JAjoEEwECACQCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AFAki6wAoFCQe3/LQA
CgkQTlcU4mswMn5BTA/+Id0cE6ZSRNYCQDorYwuDuN3RdfB6tc8SchqsS+d7ZOh/
jtNKEmLWZ9G5AivN0v7pp8GFBGy0t56/ethROKuAwtOeFG1J9UUBHrW7XqzXU1sd
C+OecxiVp2Td5KLajgg2CPujw6oSaWwlh7ckhj43c0OaCqniamc2gsuuXBpCG6zi
wogjapitFPXAfBP5kUvxTwaH9JTAsdq1Zurki7j4VhsFLS9Ff2Oa5b127oP82Igb
ZUV+d/FdT4baZ2pvfcxeDB6wEt7×2/W5FP2lLM7MQ+T3ErNqhx5zgwcYfDi097Fy
OwdA5ZKVjl8GHR+sGDQdaxiAHwhXWhV7sFgR1zbgFtUYYtsjtSbz53RzG0lf2Kjf
gaDit+Ku5g+0ce3ZkBYTQ6pfFeefpowqZvCGDV1mPghbbM5TC3XiOVG/mTLIW34O
BNcuIOeVEADmnR16k+8Gh5Gn936FeC3W5s2vxjQcxHvFRDZH2uBtdE793EMyB9rG
FfSQvLxfXPE0+oYW38ME1zNUp7N0Wj9ic40EhIWCmttqtQm3kgGmY7xSlqVTfVNH
A9fSqFML2k6WTQBilgqKq/qR7ba+skvQXMkwXBc7baEqCH6aGfjh9VZIdUDiAoNY
fOuailnaluyUhE89xTCOIHtCvbnYgt1OiKe+oa+Li7CciP8taM7+zcniP4ZMCZU=
=zjcI
—–END PGP PUBLIC KEY BLOCK—–