-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/11/06 11:55, enediel gonzalez wrote: > > On 09/11/06 09:52, enediel gonzalez wrote: >> Hello: >> >> I looking for information how to create a black box with debian to be >> able to put a system on untrusted locations. >> >> This system contains a web site as the only interface for the local >> users, and ssh as the only way for the remote administration. >> >> Locally, the server could be turned off, and restarted, consider the >> case that it's necessary to change the ups, etc. >> >> I need to protect the server against the case that somebody makes a disk >> image, and later on can investigate what it's contained on it. >> >> I found information about filesystems encryption, but in this scenario >> somebody locally should have access in some way to key, I wanted to >> avoid that, so the server could restart having somewhere encrypted all >> the necessary information to start. >> >> For local users is should be a real black box. >> >> Thanks in advance for any help, suggestion,. etc. > >> Is kiosk-mode (which is handled by the WM/DE) what you are looking >> for? That plus appropriate case design (BIOS password, no access to >> USB ports, strong case lock, disabled Ctrl-Alt-Del, no CD/DVD drive, >> etc) and a no-module kernel should get you most of the way to where >> you want to be. >> Ron Johnson, Jr. >> Jefferson LA USA > - -- > Thank you for your answer. > > I was looking for more information about your option, but it looks like > something to be used over the graphic interface. > > If I'm wrong please correct me this detail.
Yes, kiosk mode is handled by the Window Manager or the Desktop Environment. > In my case, I don't need any graphic interface on the black box, the > users can run any operating system on their desktop. In that case, the hardware issues that I mentioned (BIOS password, no access to USB ports, strong case lock, disabled Ctrl-Alt-Del, no CD/DVD drive, etc) will still serve you. Note, though that this is a *Debian* (therefore *Linux) list, so we can't/won't tell you how to secure MSFT Windows... - -- Ron Johnson, Jr. Jefferson LA USA Is "common sense" really valid? For example, it is "common sense" to white-power racists that whites are superior to blacks, and that those with brown skins are mud people. However, that "common sense" is obviously wrong. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFBZnRS9HxQb37XmcRAszqAKCMj0S5looO0wqLocYcWZILZ6LUuwCg2ht7 7uM/YT5fydBoWUbMlCVNyoU= =qA3i -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
