Marcus is absolutely right. SERVERS:
This is a common misconception. People need to realize that physical security is required. Place the servers behind locked doors. Disk controllers which provide encryption/decryption (without performance penalty) cost extra money. Soft encryption would definitely impact system performance. There are hardware key devices, but usually it is desirable that the system would reboot properly without human intervention. That would require leaving the hardware key inserted. So you still need a secure location. WORKSTATIONS: There are lots of ways to encrypt files. Even msdos users have had this option for years with programs like pkzip. If the data is sensitive and the location is not physically secure, I suggest using such software in such a manner that the key must be typed in or loaded from removable media. There is also the option of keeping the data on removable media, whether encrypted or not. If your workstation is unprotected, it might be better to deal with things like the netscape cache living on a slow zip disk rather than having the person who cleans the office at night exploring your personal world. ANOTHER REASON TO PLACE THE SERVERS IN A PHYSICALLY SECURE LOCATION: I was having an important discussion with a customer that I built a linux server for. He brought his young child with him to his office that evening. The child behaves very poorly. Guess what button he pressed? The reset button on the primary server! This behavior is not limited to children, so I suggest that it is best to protect the location. Just make a partition and use strong fencing mesh for ventilation so you won't be creating a sauna room. Leave the lights off because people like to look in and see all the pretty colored LEDs :) +----------------------------------------------------------------------+ + Paul Wade Greenbush Technologies Corporation + + mailto:[EMAIL PROTECTED] http://www.greenbush.com/ + +----------------------------------------------------------------------+ On Sat, 10 Oct 1998, Marcus Brinkmann wrote: > On Sat, Oct 10, 1998 at 11:26:30AM +0200, Norbert Nemec wrote: > > On Sat, 10 Oct 1998 10:42:52 +0100, Ralf G. R. Bergs wrote: > > > > >On Sat, 10 Oct 1998 00:52:49 -0700 (PDT), George Bonser wrote: > > > > > >[...] > > >>ALlow me to translate. Boot the rescue disk as if you are installing, > > >[whole story deleted] > > > > > >Hey guys, why so complicated??? > > > > > >What's wrong with giving LILO a kernel command line of "init=/bin/sh"? > > >This way > > >you boot straight into sh, and you can then change the root password. > > > > > >This is how I usually do it under Slackware, and even tho Debian uses > > >shadow > > >passwords it should work the same way. > > > > > > Ouch, I tried it, it really works!!!! That means on a standard > > Linux-machine, everybody could just switch off the power, give the > > LILO-kernel option on reboot and be root??!! Why not simply drop the > > need of a login password? > > If you want a secure machine, put the hardware in a metal case, and give > nobody access to it. Especially, remove all connections, including the power > cord! > > Serious, > Marcus
