I am supporting a small network of Linux boxes running RH3 in a restricted area, with no connection to an outside network; hence I do not use freshclam to update the virus data base files, but rather download main.cvd and daily.cvd and manually upgrade each of the four machines. My question is this- is there a digital signature capability for these files that is associated with a manual download? If so, what are the steps I need to follow? I am using gnupg 1.2.1 and am familiar with adding public keys, such as the ones on the dag/wieers website used to sign the binary RPMs. Are there signature files associated with the main.cvd and daily.cvd files posted on the home page of clamav.net? If so, whose key is used to encrypt? (You may correctly ask "why bother running Clam or mess with digital signatures if you're not on the public net?" The reason is, that due to the sensitive nature of the processing that goes on using these machines, the powers that be worry about protection from viruses period, and using open source is a further cause for their concern, so the ability to at least download from trusted sources is a big thing to them).
The answers to FAQ questions 20 and 36 do not seem to apply to my situation, but I may not be smart enough to know if they do, as I am a very inexperienced Linux newbie. I wasn't able to find any other postings that seemed to be relevant to my situation either. Any help would be greatly appreciated. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
