sudo apt-get update
sudo apt-get install tripwire

The installation will run through quite a bit of configuration of the packages that are required.

First, it will configure the mail application that is being pulled in as a dependency. If you want to configure email notifications, select “internet site”.

It will ask you if you want to select passphrases during installation. Select “yes” to both of these prompts. It will ask if it can rebuild the configuration file. Select “yes”. It will ask a similar question about the policy file. Again, answer “yes”.

Next, you will be asked to choose and confirm a site key passphrase. Tripwire uses two keys to secure its configuration files.

• site key: This key is used to secure the configuration files. We need to ensure that the configuration files aren't modified, or else our entire detection system cannot be trusted. Since the same configuration files can be used for multiple servers, this key can be used across servers.

• local key: This key is used on each machine to run the binaries. This is necessary to ensure that our binaries are not run without our consent.

You will first choose and confirm a passphrase for the site key, and then for the local key. Make sure you choose strong passphrases.