>>>>> "KS" == Kevin Schroeder <[EMAIL PROTECTED]> writes:
KS> This would make an interesting discussion because I've had the
KS> same question come up in my mind. How do you encrypt things on
KS> your server without giving out the passphrase? Is it even
KS> possible to keep the key in the same location as the program using
KS> it and still maintain security?
No; the only way to secure this would be to make the server ask you to
type the passphrase on startup, and you never write this down. This
makes it impossible to have automated restart, of course.
Better thing to do is to secure your database server a bit better.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D. Khera Communications, Inc.
Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
