[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: encrpyt harddrive without passphrase/userinput

On Sun, Feb 26, 2006 at 11:26:23PM +0100, Mario Ohnewald wrote:
> On Sun, 2006-02-26 at 14:13 -0800, Stephan Wehner wrote:
> > Who is going to be booting this machine??
> It´s a server. It is supposed to be online all the time.
> Once turned on it will run till someone reboots its remotely or due to
> power failure or something alike.
> 
> The whole scenario can be pictured like this:
> 
> Put your server in a corner of a street and secure it. In case someone
> hits the reset button it needs to be able to boot automatically without
> user input. 
> 
> In a nutshell: Secure it without physical security and user input.
> 
I guess you need an initrd image with networking and sshd. Generate keys
with ssh-keygen and put from= & command= options into authorized_keys file
on server along with public key.

Now you'd be okay until someone is granted enough time & reboots to find out
what's in your initrd - and to get password he'd need to be at the right
place as well.

-- 
matej kovac
matej@pobox.sk
Reply to: