Re: is it possible to create a black box with debian?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/11/06 09:52, enediel gonzalez wrote:
> Hello:
>
> I looking for information how to create a black box with debian to be
> able to put a system on untrusted locations.
>
> This system contains a web site as the only interface for the local
> users, and ssh as the only way for the remote administration.
>
> Locally, the server could be turned off, and restarted, consider the
> case that it's necessary to change the ups, etc.
>
> I need to protect the server against the case that somebody makes a disk
> image, and later on can investigate what it's contained on it.
>
> I found information about filesystems encryption, but in this scenario
> somebody locally should have access in some way to key, I wanted to
> avoid that, so the server could restart having somewhere encrypted all
> the necessary information to start.
>
> For local users is should be a real black box.
>
> Thanks in advance for any help, suggestion,. etc.
Is kiosk-mode (which is handled by the WM/DE) what you are looking
for? That plus appropriate case design (BIOS password, no access to
USB ports, strong case lock, disabled Ctrl-Alt-Del, no CD/DVD drive,
etc) and a no-module kernel should get you most of the way to where
you want to be.
- --
Ron Johnson, Jr.
Jefferson LA USA
Is "common sense" really valid?
For example, it is "common sense" to white-power racists that
whites are superior to blacks, and that those with brown skins
are mud people.
However, that "common sense" is obviously wrong.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFBYGDS9HxQb37XmcRAttIAJ0fjUee/0Mn/k2phSYP30f1ASiQaACgyRmf
WU1cluzxwRFnyyK4ekRo8uc=
=ehp5
-----END PGP SIGNATURE-----
Reply to: