So you back up on a hard drive, not tape, and these are not incremental backups.

But my question about backups was not only for you but for all who encrypt their servers.

The backup part is generally the weakest point.


On 2014-06-02 13:58, Matti Nykyri wrote:
On Jun 2, 2014, at 15:36, godzil <god...@godzil.net> wrote:

On 2014-06-02 13:23, Matti Nykyri wrote:
On Jun 2, 2014, at 16:40, "J. Roeleveld" <jo...@antarean.org> wrote:
Well, I have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys
from kernel memory. Without the keys there is no access to the disks.
After that another kernel is executed which wipes the memory of the
old kernel. If you just pull the plug memory will stay in its state
for an unspecified time.
Swap uses random keys.
Network switches and routers get power only after firewall-server is
up and running.
There is no easy way to enter the room without wiping the encryption
keys. Booting up the server requires that a boot disk is brought to
the computer to decrypt the boot drive. Grub2 can do this easily. This
is to prevent someone from tampering with a boot loader.
The system is not protected against hardware tampering. The server room
is an RF-cage.
I consider this setup quite secure.

It's nice to encrypt and wipe things automatically, but what about the backups?

Well, I have backups on their own drive with its own keys. I have
backups of the keys in another location. The drives are LUKS drivers
with detached LUKS info.
