Re: encrpyt harddrive without passphrase/userinput
On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> Hello security list!
>
> I would like to secure the harddrive/partitions of linux box.
>
> The whole setup must fulfill the following requirements:
>
> a) it must be able to boot (remotely) without userinput/passphrase
> b) the importtant partitions such as /etc, /var, /usr and /home must be
> encrypted/protected.
I just ask myself why you bother encrypting a filesystem that will be
accessible to anyone having access to the machine since it boots without
password?
> Is this even possible? Is there a way?
Is it something you'd really want? Encrypting a filesystem is a
protection against someone having physical access to the machine or the
harddrive. If the machine (the disk in another machine) boots without
password, you might as well _not_ encrypt it.
HIR (hope I'm right)
Horst
--
Real programmers don't bring brown-bag lunches. If the vending machine
doesn't sell it, they don't eat it. Vending machines don't sell quiche.
Reply to: