Re: Encrypted VM's (was Re: OT: Cloud Computing is coming to ...)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/20/2010 03:11 PM, Michael Semcheski wrote:
> On Tue, Jul 20, 2010 at 2:27 PM,  <J.Witvliet@xxxxxxxxx> wrote:
>> Just in general, what's the point in having server-disks (either local or "in-the-cloud" encrypted?
>> As soon as you start them up, all we be de-crypted and your system is only protected by normal security measures.
>>
>> Only usefull purpose might be to give each user their own encrypted backup-storage.
>> Something like a remote-tape-device...
> 
> Well, you don't have to store the encryption key with the server.
> That means you might have to provide the key when the server boots up,
> and obviously that could be problematic (especially in a remote
> location.)  But it would supplement the physical security of the
> server, and prevent someone with unauthorized access from booting with
> a live CD and copying data out, or just stealing the server to get to
> the data.
> 
> But generally I agree with your point.

  What may make a lot more sense - is a VM with only /home encrypted -
when user gains access - one could also bind mount /tmp from /home/tmp
and /var/tmp out of /home/var/tmp ...

  Be nice to switch swap to encrypted too at that point.


 This way -the VM can be booted no prob with unencrypted root - but user
of VM gets privacy.

  I would think this would be highly desirable.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux