made some changes to my pgp key, updated to all keyservers but not my OSSEC alerts are not coming to me encrypted anymore. Can someone point me in the right direction to find documentation on updating the key within the OSSEC keyring?
Do you mean they’re coming through in cleartext? If so that’s a bug. If not, and you mean that they can’t be decrypted, then you’ll need to update the system config with the new key’s pubkey:
In general, if you want to make system config changes you’ll need to use the admin workstation and run
./securedrop-admin sdconfig to change the required variables and
./securedrop-admin install to update the servers with the changes. It’s documented here:
In this specific case, to update the OSSEC key, you’ll need to
0) take a backup of your instance before you do anything else, just in case!
- copy the public key of the new GPG key into
~/Persistent/securedrop/install_files/ansible-base/on the admin workstation,
- get its fingerprint
sdconfigand update the ossec key filename and fingerprint with the values above
installto push the new pubkey to the monitor server
You can send test OSSEC alerts via the admin section of the journalist interface - they may take up to 15 minutes to be compiled and sent.
No bug, just not decrypting anymore. Thank you, I will give it a go.
im in the Persistent/securedrop$ directory but when I run the
./securedrop-admin sdconfig it says there is no directory. I was then prompted to run
securedrop-admin setup' instead and got the network error: 'ERROR: Failed to install pip dependencies. Check network connection and try again
Is your admin stick updated to Tails 4.x and the latest SecureDrop version? (1.2.1 at the moment.) That sounds like the errors to be expected if it was behind on either or both. The update to Tails 4 happened a while back with 1.1.0 and you can find more info on that here:
If that doesn’t help, and you want to share the errors that you’re seeing privately, probably the best way to do so would be via the support portal at https://support.freedom.press/ .