-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/11/06 09:52, enediel gonzalez wrote: > Hello: > > I looking for information how to create a black box with debian to be > able to put a system on untrusted locations. > > This system contains a web site as the only interface for the local > users, and ssh as the only way for the remote administration. > > Locally, the server could be turned off, and restarted, consider the > case that it's necessary to change the ups, etc. > > I need to protect the server against the case that somebody makes a disk > image, and later on can investigate what it's contained on it. > > I found information about filesystems encryption, but in this scenario > somebody locally should have access in some way to key, I wanted to > avoid that, so the server could restart having somewhere encrypted all > the necessary information to start. > > For local users is should be a real black box. > > Thanks in advance for any help, suggestion,. etc.
Is kiosk-mode (which is handled by the WM/DE) what you are looking for? That plus appropriate case design (BIOS password, no access to USB ports, strong case lock, disabled Ctrl-Alt-Del, no CD/DVD drive, etc) and a no-module kernel should get you most of the way to where you want to be. - -- Ron Johnson, Jr. Jefferson LA USA Is "common sense" really valid? For example, it is "common sense" to white-power racists that whites are superior to blacks, and that those with brown skins are mud people. However, that "common sense" is obviously wrong. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFBYGDS9HxQb37XmcRAttIAJ0fjUee/0Mn/k2phSYP30f1ASiQaACgyRmf WU1cluzxwRFnyyK4ekRo8uc= =ehp5 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
