Security Basics mailing list archives
Remotely decrypting a server (Linux)
From: Niall <phierstarter () gmail com>
Date: Sun, 12 Sep 2010 04:25:25 +0100
Hi folks, I have a tricky one here where i need to find a way to securely authenticate a decryption mechanism of some sort where the authentication is provided remotely without any user-interaction. Right now i have a number of boxes that all inform a central server when they are online. When they do this an OpenVPN connection is set up between them and the server. However, i have been given the task to ensure that the scripts involved in this process are encrypted by default. This requires some form of self-decryption, which to my mind kind of goes against the whole idea of encryption/authentication in the first place. I need some way to leave decrypted the bare essentials required to boot a box and securely connect to the central server automatically. Then the server would automatically send a key/passphrase and the rest of the files on the box would then be decrypted on the fly. If anyone knows of any software that provides this (maybe through VMs?) it would be greatly appreciated. I should add hat i'm also open to the idea of self-encrypting hard disks, but what i've read about these in regards to Linux support has put me off the whole TCG model. Thanks. -- Niall ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Remotely decrypting a server (Linux) Niall (Sep 13)
- Message not available
- Re: Remotely decrypting a server (Linux) Niall (Sep 14)
- Message not available
- Re: Remotely decrypting a server (Linux) J.Hart, Elec.Eng.Tech. (Sep 14)
- <Possible follow-ups>
- Remotely decrypting a server (Linux) Niall (Sep 14)