[Gllug] [OT] Disk Encryption
Richard Jones
rich at annexia.org
Sat Mar 6 12:52:56 UTC 2010
On Sat, Mar 06, 2010 at 12:28:09PM +0000, - Tethys wrote:
> On Sat, Mar 6, 2010 at 12:16 PM, Richard Jones <rich at annexia.org> wrote:
>
> > You should be aware that if you use whole-disk encryption on a server,
> > then you must be physically present to type in a passphrase when the
> > server boots. For servers this is usually not so convenient!
>
> Well, no. You need access to the console, which isn't quite the same
> thing. I have zero sympathy for anyone that installs a server in a
> remote datacentre without also adding a serial console. Of course,
> you still need to enter the password, which means no unattended
> reboots. But if the machine is sufficiently important, you'll have
> an alert sent to your phone/pager to let you know that it needs
> attention anyway.
True true. However when I temporarily had my desktop machine located
in my old house just after moving to my new house, I cursed whole disk
encryption about 3 minutes after I rebooted the desktop machine
remotely ...
Rich.
--
Richard Jones
Red Hat
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list