----- Forwarded message from Jeffrey M. Smith -----
Date: Tue, 04 Jan 2000 16:40:40 -0500
From: "Jeffrey M. Smith" <[EMAIL PROTECTED]>
Subject: starting up servers that need access to secrets
Is there a good solution to the problem of starting up a network server that
needs access to an encrypted database? For instance, a server that has its own
RSA key pair encrypted on disk, and needs to decrypt it during operation so
the private key is available in memory?
[ text deleted]
----- End of forwarded message from Jeffrey M. Smith -----
If you find any let me know, I have the same problem myself.
To date the only solution I've come up with would be some sort of PCMCIA
card key generator and another algorithm on the drives boot loader that
would calculate a new key based on the old key and some parameter like the
time of day (the PCMCIA would have to have an independent and accurate clock
itself). If the PCMCIA card is ever removed from the server it could be auto
erased or perhaps simply increment the key with some alternate method that
would then require a manualy typed in pass phrase (in both cases).
____________________________________________________________________
The future is downloading. Can you hear the impact?
O[rphan] D[rift>]
Cyber Positive
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ [EMAIL PROTECTED]
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------
