Re: encrpyt harddrive without passphrase/userinput

[Horst Pflugstaedt <horst@uni-duisburg.de>]

On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> Hello security list!
> 
> I would like to secure the harddrive/partitions of linux box.
> 
> The whole setup must fulfill the following requirements:
> 
> a) it must be able to boot (remotely) without userinput/passphrase
> b) the importtant partitions such as /etc, /var, /usr and /home must be
> encrypted/protected.

I just ask myself why you bother encrypting a filesystem that will be
accessible to anyone having access to the machine since it boots without
password?

> Is this even possible? Is there a way?

Is it something you'd really want? Encrypting a filesystem is a
protection against someone having physical access to the machine or the
harddrive. If the machine (the disk in another machine) boots without
password, you might as well _not_ encrypt it.

HIR (hope I'm right)
Horst

-- 
Real programmers don't bring brown-bag lunches.  If the vending machine
doesn't sell it, they don't eat it.  Vending machines don't sell quiche.