> Hello Thomas,
>
> as Jeroen already said, the problem with this is that if they steal only the hard-drive, the data should be safe. Instead, if they steal the > whole server (which is somewhat harder, but not impossible), they only need it to boot and the BIOS would decrypt the data for the attacker.
Hello Jonas, Thomas,
Actually, I beg to differ. I've both heard of and experienced situations where a server room was raided by criminals in which cases almost all systems were taken - lock, stock and barrel. I've never heard of or experienced situations where only the hard disk of a server was removed/stolen (at least not in situations where the server was a production server which was correctly housed in a purpose build server room).
From that point of view, I would strongly advise against using any technique where the credentials required for decrypting/accessing the encrypted content are stored on the same system. I cannot fathom a serious threat model in which case this concept offers significant levels of security. In most cases if not all it will give a false sense of security, the worst kind of all.
A setup using Mandos in combination with LUKS would be preferable - although in that case it would be advisable to have the Mandos server located in another building from the actual servers. Otherwise there is the risk of the Mandos server being stolen together with the server(s) it helps secure.
Rgds,
Jeroen