On Mon, Jan 24, 2011 at 09:51, Thomas Nguyen Van
<t.nguyenvan@jumper.ie> wrote:
Morning Jeroen,
Thanks for your quick reply. I agree with you in general, Software FDE does not protect your datas.
However, in this Seagate solution (ATA Security and/or Drive Trust), we have a hardware FDE which is faster. As far as I understood, it seems that it is possible to store the password in the BIOS and not on the hard drive itself. So that the main sensitive information is not stored on the hard drive and there is no risk to reveal the datas if you steal this hard drive.
Hello Thomas,
as Jeroen already said, the problem with this is that if they steal only the hard-drive, the data should be safe. Instead, if they steal the whole server (which is somewhat harder, but not impossible), they only need it to boot and the BIOS would decrypt the data for the attacker.
That's why I was looking for an equivalent running under linux. :o)
There might be something similar to what you want under Linux. You could use Mandos [1], which is a server that holds the decryption keys of the rest of your servers. This keys are themselves encrypted using GPG, so someone accessing the Mandos server cannot read them, as the private keys are on each of the servers. You have to install a client (mandos-client) on each of your servers. Upon startup, they would communicate with the mandos server and identify themselves over TLS. The Mandos server then provides the encrypted unlock-key, which the server decrypts with its gpg-key and provides it to LUKS to decrypt the hard-drive. This way, servers are able to startup with no human intervention. In order for the mandos-server to be able to start up autonomously, you could set up a secondary mandos-server on another host to help boot that one. Unless all of the servers go down simultaneously (which would require someone to type the key on one of them), they would be able to startup autonomously, providing each other with the necessary encryption keys.
In particular, both "mandos" and "mandos-client" have Debian packages available.
----- Original Message -----
From: "Jeroen van Dongen" <
jeroen@lbvd.nl>
To:
debian-security@lists.debian.org, "Thomas Nguyen Van" <
t.nguyenvan@jumper.ie>
Sent: Monday, January 24, 2011 9:27:38 AM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna
Subject: RE: Question related to FDE (Full Disk Encryption) solution under Linux Debian Lenny
If your server can reboot without a human being present to enter a password, what's to stop someone who steals your server to obtain access to the data?
(snip)