Or yet another, I like this one best. syslog-ng generates a random value which it will use to generate hash #0, then a copy of this random value is sent to the sysadmin in an email message. Later when somebody wants to check logfile integrity, a copy of this key is needed. This could also be a security risk if that message remains on the same box.

This security risk can be reduced if the message is encrypted using the administrators (pgp) public key. Only the admin with the correct passphrase (and private key) will be able to obtain the random key. Can --=< Can Erkin Acar (canacar@bigfoot.com, canacar@eee.metu.edu.tr) >=--