1 |
So you backup on harddrive, not tape and theses are not incremental |
2 |
backups. |
3 |
|
4 |
But my question about backup was not only for you but for all that |
5 |
encrypt their servers. |
6 |
|
7 |
The backup part is generally the weakest point. |
8 |
|
9 |
|
10 |
Le 2014-06-02 13:58, Matti Nykyri a écrit : |
11 |
> On Jun 2, 2014, at 15:36, godzil <godzil@××××××.net> wrote: |
12 |
> |
13 |
>> Le 2014-06-02 13:23, Matti Nykyri a écrit : |
14 |
>>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@××××××××.org> wrote: |
15 |
>>> Well i have a switch in the door of the server room. It opens when |
16 |
>>> you |
17 |
>>> open the door. That signals the kernel to wipe all the encryption |
18 |
>>> keys |
19 |
>>> from kernel memory. Without the keys there is no access to the disks. |
20 |
>>> After that another kernel is executed which wipes the memory of the |
21 |
>>> old kernel. If you just pull the plug memory will stay in its state |
22 |
>>> for an unspecified time. |
23 |
>>> Swap uses random keys. |
24 |
>>> network switches and routers get power only after firewall-server is |
25 |
>>> up and running. |
26 |
>>> There is no easy way to enter the room without wipeing the encryption |
27 |
>>> keys. Booting up the server requires that a boot disk is brought to |
28 |
>>> the computer to decrypt the boot drive. Grub2 can do this easily. |
29 |
>>> This |
30 |
>>> is to prevent some one to tamper eith a boot loader. |
31 |
>>> System is not protected against hardware tamperment. The server room |
32 |
>>> is an RF-cage. |
33 |
>>> I consoder this setup quite secure. |
34 |
>> |
35 |
>> It's nice to encrypt and wipe things automatically, but what about the |
36 |
>> backups? |
37 |
> |
38 |
> Well i have backups on their own drive with its own keys. I have |
39 |
> backups of the keys in another location. The drives are LUKS drivers |
40 |
> with detached LUKS info. |