On Jun 2, 2014, at 15:36, godzil <[email protected]> wrote:

> On 2014-06-02 13:23, Matti Nykyri wrote:
>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <[email protected]> wrote:
>> Well, I have a switch in the door of the server room. It opens when you
>> open the door. That signals the kernel to wipe all the encryption keys
>> from kernel memory. Without the keys there is no access to the disks.
>> After that another kernel is executed which wipes the memory of the
>> old kernel. If you just pull the plug memory will stay in its state
>> for an unspecified time.
>> Swap uses random keys.
>> Network switches and routers get power only after firewall-server is
>> up and running.
>> There is no easy way to enter the room without wiping the encryption
>> keys. Booting up the server requires that a boot disk is brought to
>> the computer to decrypt the boot drive. Grub2 can do this easily. This
>> is to prevent someone from tampering with a boot loader.
>> System is not protected against hardware tampering. The server room
>> is an RF-cage.
>> I consider this setup quite secure.
> 
> It's nice to encrypt and wipe things automatically, but what about the 
> backups?

Well, I have backups on their own drive with its own keys. I have backups of the 
keys in another location. The drives are LUKS drivers with detached LUKS info.

-- 
-Matti
