[arch-general] Encrypting remote system

Magnus Therning magnus at therning.org
Sun Nov 1 15:19:46 EST 2009

On 01/11/09 15:06, Karol Babioch wrote:
> Hi,
> I'm wondering whether there is a possibility to encrypt a remote system
> using Arch Linux? I have installed Arch on a remote server, and don't
> like the idea that anyone with physical access to my system has access
> to my data. So is there something I can do about it?
> Using dm-crypt (with luks) doesn't work at all, as I can't input the
> passphrase when I reboot my system, the technician would really hate me
> if I ask them to attach a remote console each time I reboot my system.
> So is there anything I can do?

AFAICS there is *nothing* you can do against someone with physical access.
Encrypting the disk will only protect it while it's at rest, as soon as you've
booted the system you're back to the situation where you have to trust the
physical hardware, network, etc.

I assume you're talking about encrypting the *entire system* (as opposed to
just your home directory, since that would be obviously without any effect at
all).  Given that, out of curiosity, how do you plan on getting the password
to the remote system at boot time?


Magnus Therning                        (OpenPGP: 0xAB4DFBA4)
magnus@therning.org          Jabber: magnus@therning.org
http://therning.org/magnus         identi.ca|twitter: magthe

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20091101/0582b9e1/attachment.bin>

More information about the arch-general mailing list