* Ben Collins said: > > > machine cannot boot without user interaction (some one to authenticate > > > or supply the password for the filesystem). > > Isn't that too much ado? No physical access is the cure - serious approach > > to security requires NO PHYSICAL ACCESS to the server machine. > > Tell that to people who have their servers in a co-located isp. My Well, I know such ISPs but they all offer (for more money, of course) mounting your server in a rack - and that's secure.
> server does not have a floppy, but my tape backup is piped through mcrypt > so no one can just grab the tape and pull out all of my secure files. > Remember, a trusted physical environment is not always present. Unfortunately... But people who have their servers at their workplace can, and should, make sure no physical access is possible. regards, marek
pgpfAl7CG2YpQ.pgp
Description: PGP signature
