-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 09/19/2018 02:57 AM, Andy Smith wrote: > For sophisticated attackers who could do the clever thing, and had > physical access to the server for enough time, it would be simpler > to get a key for an encrypted file system by using hardware memory > scanners and reading it right off the memory bus." Another attack would be to note the exact time that you removed the servers, then when you wish to talk with them again, set up an NTP server to provide the old time (intercepting any requests trying to get the time from another server of course). Mandos does sound interesting though, but I don't think I'll be using it. Especially if it is possible to easily lock yourself out! Cheers AbndrewM -----BEGIN PGP SIGNATURE----- iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCW6JvcgAKCRCoFmvLt+/i ++WrAPsFm6b0dUqtHGh3S4Nhyyc5nL2M6vyi880aAJwF3wHXIgEAxxtdKZAdePqQ aGe8EMYKDRsjhkP9Mxd74qtxVZ8S58E= =2TGh -----END PGP SIGNATURE-----