| 1 |
Le 2014-06-02 13:23, Matti Nykyri a écrit : |
| 2 |
> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@××××××××.org> wrote: |
| 3 |
> |
| 4 |
> |
| 5 |
> Well i have a switch in the door of the server room. It opens when you |
| 6 |
> open the door. That signals the kernel to wipe all the encryption keys |
| 7 |
> from kernel memory. Without the keys there is no access to the disks. |
| 8 |
> After that another kernel is executed which wipes the memory of the |
| 9 |
> old kernel. If you just pull the plug memory will stay in its state |
| 10 |
> for an unspecified time. |
| 11 |
> |
| 12 |
> Swap uses random keys. |
| 13 |
> |
| 14 |
> network switches and routers get power only after firewall-server is |
| 15 |
> up and running. |
| 16 |
> |
| 17 |
> There is no easy way to enter the room without wipeing the encryption |
| 18 |
> keys. Booting up the server requires that a boot disk is brought to |
| 19 |
> the computer to decrypt the boot drive. Grub2 can do this easily. This |
| 20 |
> is to prevent some one to tamper eith a boot loader. |
| 21 |
> |
| 22 |
> System is not protected against hardware tamperment. The server room |
| 23 |
> is an RF-cage. |
| 24 |
> |
| 25 |
> I consoder this setup quite secure. |
| 26 |
|
| 27 |
It's nice to encrypt and wipe things automatically, but what about the |
| 28 |
backups? |
Archives