[Gllug] [OT] Disk Encryption

[- Tethys]

On Sat, Mar 6, 2010 at 12:16 PM, Richard Jones <rich at annexia.org> wrote:

> You should be aware that if you use whole-disk encryption on a server,
> then you must be physically present to type in a passphrase when the
> server boots.  For servers this is usually not so convenient!

Well, no. You need access to the console, which isn't quite the same
thing. I have zero sympathy for anyone that installs a server in a
remote datacentre without also adding a serial console. Of course,
you still need to enter the password, which means no unattended
reboots. But if the machine is sufficiently important, you'll have
an alert sent to your phone/pager to let you know that it needs
attention anyway.

Tet

-- 
“It seems intuitively obvious to me, which means that it might be
wrong.” -- Chris Torek
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug