On 01/11/09 15:06, Karol Babioch wrote: > Hi, > > I'm wondering whether there is a possibility to encrypt a remote system > using Arch Linux? I have installed Arch on a remote server, and don't > like the idea that anyone with physical access to my system has access > to my data. So is there something I can do about it? > > Using dm-crypt (with luks) doesn't work at all, as I can't input the > passphrase when I reboot my system, the technician would really hate me > if I ask them to attach a remote console each time I reboot my system. > > So is there anything I can do? AFAICS there is *nothing* you can do against someone with physical access. Encrypting the disk will only protect it while it's at rest, as soon as you've booted the system you're back to the situation where you have to trust the physical hardware, network, etc. I assume you're talking about encrypting the *entire system* (as opposed to just your home directory, since that would be obviously without any effect at all). Given that, out of curiosity, how do you plan on getting the password to the remote system at boot time? /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
Attachment:
signature.asc
Description: OpenPGP digital signature
