Template: tripwire/upgrade
Type: boolean
Default: true
_Description: Do you wish to upgrade?
 The format of the Tripwire database and configuration files have changed
 substantially between previous versions and this release.
 .
 To ensure your system remains secure, the upgrade process keeps a copy of
 the old version of Tripwire and the old configuration file along with any
 old databases that may exist.  You will find a detailed explanation for
 using the old version of Tripwire in
 /usr/share/doc/tripwire/README.Debian.
 .
 However, as no conversion of the old configuration file and database is
 attempted, you may prefer not to upgrade.
 .
 Due to the way Debian handles configuration files, if you choose to
 upgrade you must accept the new version of /etc/cron.daily/tripwire for
 regular reporting to occur.  The cron job associated with the previous
 version will continue to run regardless.

Template: tripwire/use-sitekey
Type: boolean
Default: true
_Description: Do you wish to create/use your site key pass-phrase during installation?
 Tripwire uses a pair of keys to sign various files, thus ensuring their
 unaltered state.  By accepting here, you will be prompted for the
 pass-phrase for the first of those keys, the site key, during the
 installation.  You are also agreeing to the create of a site key if one
 doesn't already exist.  Tripwire uses the site key to sign files that may
 be common to multiple systems, e.g. the configuration & policy files.  See
 twfiles(5) for more information.
 .
 Unfortunately, due to the Debian installation process, there is a period
 of time where this pass-phrase exists in a unencrypted format. Were an
 attacker to have access to your machine during this period, that could
 possibly retrieve your pass-phrase and use it at some later point.
 .
 If you would rather not have this exposure, decline here.  You will then
 need to create a site key, configuration file & policy file by hand.  See
 twadmin(8) for more information.

Template: tripwire/use-localkey
Type: boolean
Default: true
_Description: Do you wish to create/use your local key pass-phrase during installation?
 Tripwire uses a pair of keys to sign various files, thus ensuring their
 unaltered state.  By accepting here, you will be prompted for the
 pass-phrase for the second of those keys, the local key, during the
 installation.  You are also agreeing to the create of a site key if one
 doesn't already exist.  Tripwire uses the local key to sign files that are
 specific to this system, e.g. the tripwire database. See twfiles(5) for
 more information.
 .
 Unfortunately, due to the Debian installation process, there is a period
 of time where this pass-phrase exists in a unencrypted format. Were an
 attacker to have access to your machine during this period, that could
 possibly retrieve your pass-phrase and use it at some later point.
 .
 If you would rather not have this exposure, decline here.  You will then
 need to create a local key file by hand.  See twadmin(8) for more
 information.

Template: tripwire/site-passphrase
Type: password
_Description: Enter site-key pass-phrase
 Tripwire uses two different keys for authentication and encryption of
 files.  The site key is used to protect files that could be used across
 several systems.  This includes the policy and configuration files.
 .
 You are being prompted for this pass-phrase either because no site key
 exists at this time or because you have requested the rebuilding of the
 policy or configuration files.
 .
 Remember this pass-phrase; it is not stored anywhere!

Template: tripwire/site-passphrase-again
Type: password
_Description: Repeat the site-key pass-phrase
 Please repeat the site pass phrase to be sure you didn't mistype.

Template: tripwire/site-passphrase-incorrect
Type: boolean
Default: false
_Description: Your site pass-phrase is incorrect. Retry operation?
 The site pass-phrase you entered is incorrect.  If you think you mistyped
 it and would like to retry the current operation accept below.  If
 you can't remember the pass-phrase, decline below and the tripwire
 installation process will terminate gracefully.  When you remember the
 site pass-phrase continue the installation process by running
 .
   dpkg-reconfigure tripwire
 .
 as root.
 .
 If you have completely forgotten your site pass-phrase, generate a new
 site key with a new pass-phrase by running
 .
   twadmin -m G -S /etc/tripwire/site.key
 .
 as root.

Template: tripwire/local-passphrase
Type: password
_Description: Enter local key pass-phrase
 Tripwire uses two different keys for authentication and encryption of
 files.  The local key is used to protect files specific to the local
 machine, such as the Tripwire database.  The local key may also be used
 for signing integrity check reports.
 .
 You are being prompted for this pass-phrase because no local key file
 currently exists.
 .
 Remember this pass-phrase; it is not stored anywhere!

Template: tripwire/local-passphrase-again
Type: password
_Description: Repeat the local key pass-phrase
 Please repeat the local pass phrase to be sure you didn't mistype.

Template: tripwire/local-passphrase-incorrect
Type: boolean
Default: false
_Description: Your local pass-phrase is incorrect. Retry operation?
 The local pass-phrase you entered is incorrect.  If you think you mistyped
 it and would like to retry the current operation accept below.  If
 you can't remember the pass-phrase, decline below and the tripwire
 installation process will terminate gracefully.  When you remember the
 local pass-phrase continue the installation process by running
 .
   dpkg-reconfigure tripwire
 .
 as root.
 .
 If you have completely forgotten your local pass-phrase, generate a new
 site key with a new pass-phrase by running
 .
   twadmin -m G -L /etc/tripwire/${hostname}-local.key
 .
 as root.

Template: tripwire/rebuild-config
Type: boolean
Default: true
_Description: Rebuild Tripwire configuration file?
 Tripwire keeps its configuration in a encrypted database that is
 generated, by default, from /etc/tripwire/twcfg.txt
 .
 Any changes to /etc/tripwire/twcfg.txt, either as a result of a change in
 this package or due to administrator activity, require the regeneration of
 the encrypted database before they will take effect.
 .
 Selecting this action will result in your being prompted for the site key
 pass-phrase during the post-installation process of this package.

Template: tripwire/rebuild-policy
Type: boolean
Default: true
_Description: Rebuild Tripwire policy file?
 Tripwire keeps its policies on what attributes of which files should be
 monitored in a encrypted database that is generated, by default, from
 /etc/tripwire/twpol.txt
 .
 Any changes to /etc/tripwire/twpol.txt, either as a result of a change in
 this package or due to administrator activity, require the regeneration of
 the encrypted database before they will take effect.
 .
 Selecting this action will result in your being prompted for the site key
 pass-phrase during the post-installation process of this package.

Template: tripwire/email-report
Type: note
_Description: Tripwire no longer emails reports by default
 Previous versions of Tripwire provided the administrator with the option
 of emailing the compliance report generated by the daily cron job to a
 particular address.  This functionality is no longer provided.
 .
 Instead, the administrator may choose to mail failures associated with
 individual rules or sets of rules to one or more accounts, with different
 rule sets using independent email addresses.
 .
 By default, this package does not enable this feature.  Please see the
 twpolicy(4) man page for details on how to configure this functionality.

Template: tripwire/installed
Type: note
_Description: Tripwire has been installed
 The Tripwire binaries are located in /usr/sbin and the database is located
 in /var/lib/tripwire. It is strongly advised that these locations be
 stored on write-protected media (e.g. mounted RO floppy). See
 /usr/share/doc/tripwire/README.Debian for details.

Template: tripwire/broken-passphrase
Type: note
_Description: Your Tripwire installation may be misconfigured
 There was a bug in version 2.3.0-1 of this package that resulted in
 Tripwire's site and local keys being generated without a passphrase.
 .
 You are strongly urged to delete both the site key file,
 /etc/tripwire/site.key, and local key file,
 /etc/tripwire/${hostname}-local.key, and reconfigure this package using
 dpkg-reconfigure once you have completed this upgrade.  This will result
 in new key files and protect the configuration and policy files once the
 are generated.

Template: tripwire/change-in-default-policy
Type: note
_Description: The default Tripwire policy has changed
 With release ${release}, the default tripwire policy has changed.  If you
 accept dpkg's offer to upgrade /etc/tripwire/twpol.txt and have previously
 chosen to have policy regenerate automatically, the daily tripwire cron
 job will fail until you update your tripwire database.
 .
 To avoid this, either chose not to accept the new version of
 /etc/tripwire/twpol.txt or update your database to reflect the change in
 policy by executing
 .
   tripwire -m p /etc/tripwire/twpol.txt
 .
 as root once you have completed installing this package.  Please see
 /usr/share/doc/tripwire/README.Debian for more details.