This one is kind of maddening. 4 brand new servers, all installed around the same time, firewalled to only allow ssh from a handful of IPs, and key-based auth only. It's a fair assumption that none of them were broken into, both based on the access restrictions and the fact the the "IDS" option is reporting 16,721 files with the wrong digest.
I also know that on this host there was an interrupted freebsd-update, and I suspect this has something to do with this issue.
What I've done so far: run freebsd-update a number of times to get actual updates (all without error), remove everything in /var/db/freebsd-update/files and re-run the IDS command.
Any ideas how to troubleshoot what's going on here?
Are there any other freebsd-update temporary or transient files/directories that should be nuked to "reset" things?
I also know that on this host there was an interrupted freebsd-update, and I suspect this has something to do with this issue.
What I've done so far: run freebsd-update a number of times to get actual updates (all without error), remove everything in /var/db/freebsd-update/files and re-run the IDS command.
Any ideas how to troubleshoot what's going on here?
Are there any other freebsd-update temporary or transient files/directories that should be nuked to "reset" things?