man nessus-check-signature (Commandes) - A simple utility to check (or generate) the signature of plugins retrieved from www.nessus.org

NAME

nessus-check-signature - A simple utility to check (or generate) the signature of plugins retrieved from www.nessus.org

SYNOPSIS

nessus-check-signature [-S] filename [signaturefile]

DESCRIPTION

nessus-check-signature is a simple utility used by nessus-update-plugins to check the signatures of the Nessus plugins downloaded from www.nessus.org. When executed and provided both an archive and a signaturefile it will verify if the file matches the signature and if the signature matches the nessus_org.pem certificate.

It can also generate the signatures for the plugins distributed by www.nessus.org but you will, obviously, need the private certificate file to do so. You can, however, customise the code to use an alternate certificate file and generate plugins distributions files for third party servers.

OPTIONS

-S
Sign the archive instead of checking the signature. nessus-check-signature will check for the private certificate key nessus_org.priv.pem and will generate a .sig file with the file signature.

EXAMPLE

To check the signature for all the plugins downloaded from the Nessus servers use:

nessus-check-signature all-2.0.tar.gz all-2.0.sig

EXIT VALUES

nessus-check-signature will return with a 0 value if the signature matches and will return with an error value (1) if the signature does not match or if any other error is found.

SEE ALSO

MORE INFORMATION ABOUT THE NESSUS PROJECT

The canonical place where you will find more information about the Nessus project is :

http://www.nessus.org/

AUTHORS

nessus-check-signature is (C) 2004 Tenable Network Security

This manpage was written by Javier Fernandez-Sanguino for the Debian distribution, and is distributed under the GPL.