Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to protect Linux by full disk encryption?
Special Forums Cybersecurity How to protect Linux by full disk encryption? Post 302894046 by postcd on Sunday 23rd of March 2014 10:23:12 AM
Old 03-23-2014
How to protect Linux by full disk encryption?
Hello, you may know that linux root password can be resetted (example from rescue mode), so this means linux server offers no protection against access of data when you get somehow remote or physical access to server?

So my question is how i can full encrypt linux webserver disk so no one can read disk data even he got physical access to the server? the best way, links? thank you
 

7 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Microsoft Is Using Linux To Protect Its Own Web Site

Here is a great news story: http://story.news.yahoo.com/news?tmpl=story&cid=74&e=9&u=/cmp/13100775 (3 Replies)
Discussion started by: Neo
3 Replies

2. UNIX for Advanced & Expert Users

disk full

Please solve the following NOTICE HTFS:No space on dev hd(1/42) (2 Replies)
Discussion started by: msuheel
2 Replies

3. Linux

Disk full 100%

one of my servers / was full by 100% i cleard some space, now though i have enough space on / partition still df is showing disk usage as 100% am not able to create any single txt file ? why so ? (3 Replies)
Discussion started by: bryanabhay
3 Replies

4. UNIX for Advanced & Expert Users

Is it possible to password protect directories in linux?

Hi, I am using Red Hat OS 5.0, is there any way that i can password protect directories. I know i can change permission so that no other user can access the content, but sometimes in my office environment i need to share vnc terminal with other people from my login itself. So i want that if user... (1 Reply)
Discussion started by: sarbjit
1 Replies

5. UNIX for Advanced & Expert Users

Disk Space full

I was tryin to copy a large file under /tmp location. I guess the disk space got full and i got fork error. Then I tried removing some files but the shell did not let me do anything bash> rm apache22.tar bash: fork: Not enough space bash> pwd /tmp bash> vmstat 1 bash: fork: Not... (3 Replies)
Discussion started by: mohtashims
3 Replies

6. Cybersecurity

How to encrypt / password protect big Linux file?

Hello, i have around 20 backup files tar.gz with sensitive data. The sizes of these files are from around 200MB to around 20GB I want to secure these files so no one can read, use its contents. only me the method of encrypting, password protecting them should be fast, so for example in... (1 Reply)
Discussion started by: postcd
1 Replies

7. Shell Programming and Scripting

Disk full alerts

i want to create 1 script to monitor 1 particular filesystem out of the diferent filesystems. if disk space of that particular filesystem increases by 80% it sends an alert mail to an email id ---------- Post updated at 04:18 PM ---------- Previous update was at 04:17 PM ---------- no. I am... (1 Reply)
Discussion started by: rakeshhhhhhhh
1 Replies

LEARN ABOUT OSF1

secconfig

secconfig(8)						      System Manager's Manual						      secconfig(8)

NAME

       secconfig, secsetup - Security features setup graphical interface (Enhanced Security)

SYNOPSIS

       /usr/sbin/sysman secconfig

       NOTE:  The secsetup utility has been replaced by the secconfig graphical interface.

DESCRIPTION

       The  utility  is  a  graphical interface used to select the level of system security needed.  It can convert from Base to enhanced security
       mode, and configure base and enhanced security features.  If you are using secconfig to enable  Enhanced  security,  you  must  first  have
       loaded the enhanced security subsets.

       You can run while the system is in multiuser mode.  However, if you change the security level, the change is not completed until you reboot
       the system.

       For both base and enhanced security, the secconfig utility allows you to enable segment sharing, to enable access control lists (ACLs), and
       to restrict the setting of the execute bit to root only.

       For enhanced security, the secconfig utility additionally allows you to configure security support from simple shadow passwords all the way
       to a strict C2 level of security.  Shadow password support is an easy method for system administrators, who do not wish to use all  of  the
       extended  security features, to move each user's password out of /etc/passwd and into the extended user profile database (auth.db.  You can
       use the Custom mode if you wish to select additional security features, such as breakin detection and evasion, automatic database trimming,
       and password controls.

       When  converting from base to enhanced security, secconfig updates the system default database (/etc/auth/system/default) and uses the con-
       vuser utility to migrate user accounts.

       While it is possible to convert user accounts from enhanced back to base, the default encryption algorithms and supported password  lengths
       differ between base and enhanced security, and thus user account conversions do not succeed without a password change.

       NOTE: Because of the page table sharing mechanism used for shared libraries, the normal file system permissions are not adequate to protect
       against unauthorized reading.  The secconfig interface allows you to disable segment sharing.  The change in segment sharing  takes  effect
       at the next reboot.

FILES

RELATED INFORMATION

       acl(4), authcap(4), default(4), convuser(8),
       Security delim off

																      secconfig(8)
All times are GMT -4. The time now is 10:36 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy