Hi, > 1. We are using gpg encryption to store confidential files on the install > server. > > After the installation you have to log in as root and start a script that > * temporarily fetches the secret gpg key > * decodes file content, fixes ownership and permission > for all encrypted files. > > 2. We set a random root password at installation time, encrypt (gpg) it and > send it by mail.
i've documented that in the howto section of the fai wiki (http://faiwiki.informatik.uni-koeln.de/index.php/Howtos) # Encrypting confidential files on the install server # Generate random root password during installation, encrypt and send by mail Cheers, Thomas
