Re: Question related to FDE (Full Disk Encryption) solution under Linux Debian Lenny
Hi Jonas,
Jonas Andradas wrote:
however, having to start up the Mandos server in order for the host to
start-up could defeat the purpose of Mandos itself, which is supposed to
allow servers to start up autonomously, without human intervention. Of
course, you could always have your monitoring software detect the server
failure or reboot and as an action, trigger the startup of a Mandos VM.
In this case, however, the Mandos server probably would not be
full-disk encrypted (otherwise, it would need human intervention to
start or another Mandos-server running somewhere), but maybe it would be
possible to come up with an interesting setup to achieve this.
It also sounds like something that could be turned into a service, like
DNS -- have two or more Mandos servers available for clients; same as
DNS, have them on different networks and also different physical
locations where possible.
--
Kind Regards
AndrewM
Andrew McGlashan
Broadband Solutions now including VoIP
Reply to: