On Mon, Oct 18, 2004 at 10:41:33AM +0200, [EMAIL PROTECTED] wrote: > VK wrote: > > >Of course, storing key in plain text is less secure. > > > Of course. > > So what do people of the real world do? I don't suppose they expect to have
I do not know, never been there :-) > > to attend every server restart do they? Is there some hardware setup > which can > > help them with that maybe? You have to realize this is an inherent problem, not something technical you can work around. If you want encryption, you have to supply a key. If you do not want to do that yourself at boot, you have to put it in the server somehow. Some ways to put it in the server are more secure than others, but if anyone has physical access to it he got your key. That said, while I never worked with one, I have a feeling a smartcard implementation has the potential to be much more secure than a file on the disk, and still managable. You can also think about software-only solutions that will be good enough for most people. E.g. you can put the key on comodity hardware (Disk-on-Key?) that's inaccessible after bootup (because you rmmoded its driver and prevented further insmoding. Note that IIRC there is already proof-of-concept code that changes a running kernel even with modules disabled, though). -- Didi ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
