* Horst Pflugstaedt:
> On Sun, Feb 26, 2006 at 11:17:56PM +0100, Florian Weimer wrote:
>> * Horst Pflugstaedt:
>>
>> > I just ask myself why you bother encrypting a filesystem that will be
>> > accessible to anyone having access to the machine since it boots without
>> > password?
>>
>> You can
Jan Luehr wrote:
>topology before granting access to your secure server. (If you're server is
>stolen and connected to the internet, you probably hop across different
>routers to get there) - however, this requires some effort monitoring your
>ISPs routes.
>
Checking the ip/net that the request
Hello,
Am Sonntag, 26. Februar 2006 23:26 schrieb Mario Ohnewald:
> On Sun, 2006-02-26 at 14:13 -0800, Stephan Wehner wrote:
> > Who is going to be booting this machine??
>
> It´s a server. It is supposed to be online all the time.
> Once turned on it will run till someone reboots its remotely or
Mario Ohnewald wrote:
> Hi Horst
>
> On Sun, 2006-02-26 at 22:23 +0100, Horst Pflugstaedt wrote:
> > On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> > > Hello security list!
> > >
> > > I would like to secure the harddrive/partitions of linux box.
> > >
> > > The whole setup mu
Hello,
I think this should be possible over a special rebuild of initrd image,
which runs before root partition is mounted.
But i don't think you'll find a real secure way to get the secret over
the net.
Regards,
Andreas
Lothar Ketterer schrieb:
Hi Mario,
On Sun, 26 Feb 2006, Mario Ohnewa
On Sun, Feb 26, 2006 at 11:17:56PM +0100, Florian Weimer wrote:
> * Horst Pflugstaedt:
>
> > I just ask myself why you bother encrypting a filesystem that will be
> > accessible to anyone having access to the machine since it boots without
> > password?
>
> You can return hard disks to the vendor
Horst Pflugstaedt <[EMAIL PROTECTED]> wrote:
>> a) it must be able to boot (remotely) without userinput/passphrase
You can use nfs-root or initramdisk from a trusted machine.
>> b) the importtant partitions such as /etc, /var, /usr and /home must be
>> encrypted/protected.
>
> I just ask myself
Hi Mario,
On Sun, 26 Feb 2006, Mario Ohnewald wrote:
a) it must be able to boot (remotely) without userinput/passphrase
b) the importtant partitions such as /etc, /var, /usr and /home must be
encrypted/protected.
I think the problem will be that you cannot put /etc outside of the root
partiti
On Sun, 2006-02-26 at 14:13 -0800, Stephan Wehner wrote:
> Who is going to be booting this machine??
It´s a server. It is supposed to be online all the time.
Once turned on it will run till someone reboots its remotely or due to
power failure or something alike.
The whole scenario can be pictured
* Horst Pflugstaedt:
> I just ask myself why you bother encrypting a filesystem that will be
> accessible to anyone having access to the machine since it boots without
> password?
You can return hard disks to the vendor for warranty claims even if
they still contain sensitive data.
--
To UNSUB
* Mario Ohnewald:
> The whole setup must fulfill the following requirements:
>
> a) it must be able to boot (remotely) without userinput/passphrase
> b) the importtant partitions such as /etc, /var, /usr and /home must be
> encrypted/protected.
Put the key on an USB stick, and load it from an ini
Hi Horst
On Sun, 2006-02-26 at 22:23 +0100, Horst Pflugstaedt wrote:
> On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> > Hello security list!
> >
> > I would like to secure the harddrive/partitions of linux box.
> >
> > The whole setup must fulfill the following requirements:
>
Hello,
Am Sonntag, 26. Februar 2006 22:11 schrieb Mario Ohnewald:
> Hello security list!
>
> I would like to secure the harddrive/partitions of linux box.
>
> The whole setup must fulfill the following requirements:
>
> a) it must be able to boot (remotely) without userinput/passphrase
> b) the im
On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> Hello security list!
>
> I would like to secure the harddrive/partitions of linux box.
>
> The whole setup must fulfill the following requirements:
>
> a) it must be able to boot (remotely) without userinput/passphrase
> b) the im
Hello security list!
I would like to secure the harddrive/partitions of linux box.
The whole setup must fulfill the following requirements:
a) it must be able to boot (remotely) without userinput/passphrase
b) the importtant partitions such as /etc, /var, /usr and /home must be
encrypted/protect
15 matches
Mail list logo
