No matter if you’re running a linux environment on premise or in a cloud instance using any distribution (i. e. Ubuntu, Centos, RHEL or something else), you want to know if something has been touched.

Codenotary allows you exactly that in the most simple way and the verification counterpart is even stored safely outside of your environment.

The following blog post covers the notarization of the /etc directory where configuration files are typically stored and the automatic authentication whenever you log in.

We cover:

  • Install vcn
  • Notarize file or folder
  • change your bash profile to authenticate whenever logging in
  • some example

Install vcn

There are plenty of different ways to install the vcn Command line tool. And of course you can build it yourself. The GitHub repository can be found here:

and the latest release:

If you want a quick installation (Linux, MacOS), you can also use our installation script:

bash <(curl -L)

You can check our manual or simply type vcn help

Notarize file or folder

As vcn is installed and running we can notarize the folder or files we like to verify everytime we log in. These could be:

  • configuration files (Apache, NGINX, Firewall services, Sudoers files and much more)
  • folders containing configuration files
  • file or folders that should never change unnoticed

Make sure you have a free Codenotary account, so you can notarize and only check for your own digital objects.

The notarization of the /etc folder

Tip: Depending on the installation, you might need to use sudo!

# first login with your Codenotary account credentials
vcn login

# Notarize /etc - dir:// acts on the whole folder or directory
# type your password when requested
vcn n dir:///etc 

Folder protection using Codenotary

Notarize /etc as a folder

That’s already it and you can easily double check in your dashboard or by simply typing vcn a dir:///etc if all worked.

dashboard to check the notarization

check the notarization details

In case you simply want to check one or some files, you can use vcn n /path/file without the dir://.

Change your bash profile to authenticate whenever logging in

Instead of authenticate or verify the configuration folder /etc everytime we log in, we want to do that in an automatic way. This example is simple but could be enhanced very easily to secure the environment even more.

Change your local profile: nano ~/.profile and add the following lines:

# calculate the SHA256 checksum of vcn (check the path vcn is installed
# /usr/bin/vcn or /usr/local/bin and change accordingly
CHECKSUM=$(sha256sum /usr/local/bin/vcn | cut -d " " -f 1)

# check if the vendor notarized vcn
# of course you can notarize yourself and check against your identity as well
curl -s$CHECKSUM? | grep -q :0

# error if the curl command failed and vcn could not be authenticated
test $? -eq 0 || echo "VCN Authenticate: FAILED"

# use vcn to authenticate /etc and check against the blockchain
# make sure to change 0x000000000 to your signer key (vcn info)
vcn a dir:///etc -s 0x000000000

# error if vcn could not authenticate /etc
test $? -eq 0 || echo "VCN Auth /etc: FAILED"

Save the file and the next login is already checking the /etc folder.

Some example

Nothing changed since the notarization took place:

no changed in /etc detected

After changing the /etc/sudoers file

the change is automatically being detected


As you could see its so easy and straightforward to use Codenotary to protect your directories or folders. That works for Linux, MacOS and of course Windows as well (we’re covering Microsoft Windows another time).


Save energy without reducing VM performance in your VMware vSphere cluster
16 August 2022
Over the last couple of decades energy consumption went up massively in every data center and while the…
Metrics & Logs support for IoT - Bringing Secure Monitoring and Logging to the Edge
7 July 2022
Simple uptime monitoring for Internet-of-Things (IoT) is well-known and requires knowing if the devices are up and running.…
Monitoring Azure SQL Managed Instance with Opvizor Metrics & Logs
17 January 2022
When you have critical applications and business processes that rely on Azure resources, it's critical to keep an…

White Paper — Registration

You will receive the research paper by mail.

Codenotary — Webinar

White Paper — Registration

Please let us know where we can send the whitepaper on Codenotary Trusted Software Supply Chain. 

Become a partner

Start Your Trial

Please enter contact information to receive an email with the virtual appliance download instructions.

Start Free Trial

Please enter contact information to receive an email with the free trial details.

Subscribe to our newsletter