Re: encrpyt harddrive without passphrase/userinput
On Sun, Feb 26, 2006 at 11:26:23PM +0100, Mario Ohnewald wrote:
> On Sun, 2006-02-26 at 14:13 -0800, Stephan Wehner wrote:
> > Who is going to be booting this machine??
> It´s a server. It is supposed to be online all the time.
> Once turned on it will run till someone reboots its remotely or due to
> power failure or something alike.
>
> The whole scenario can be pictured like this:
>
> Put your server in a corner of a street and secure it. In case someone
> hits the reset button it needs to be able to boot automatically without
> user input.
>
> In a nutshell: Secure it without physical security and user input.
>
I guess you need an initrd image with networking and sshd. Generate keys
with ssh-keygen and put from= & command= options into authorized_keys file
on server along with public key.
Now you'd be okay until someone is granted enough time & reboots to find out
what's in your initrd - and to get password he'd need to be at the right
place as well.
--
matej kovac
matej@pobox.sk
Reply to: