* Ben Collins said: > > > machine cannot boot without user interaction (some one to authenticate > > > or supply the password for the filesystem). > > Isn't that too much ado? No physical access is the cure - serious approach > > to security requires NO PHYSICAL ACCESS to the server machine. > > Tell that to people who have their servers in a co-located isp. My Well, I know such ISPs but they all offer (for more money, of course) mounting your server in a rack - and that's secure. > server does not have a floppy, but my tape backup is piped through mcrypt > so no one can just grab the tape and pull out all of my secure files. > Remember, a trusted physical environment is not always present. Unfortunately... But people who have their servers at their workplace can, and should, make sure no physical access is possible. regards, marek
Attachment:
pgpw_otljiMgj.pgp
Description: PGP signature