Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to protect Linux by full disk encryption?
Special Forums Cybersecurity How to protect Linux by full disk encryption? Post 302905646 by Opr_Sys on Thursday 12th of June 2014 04:23:00 PM
Old 06-12-2014
Debian
Quote:
Originally Posted by postcd
Hello, you may know that linux root password can be resetted (example from rescue mode), so this means linux server offers no protection against access of data when you get somehow remote or physical access to server?

So my question is how i can full encrypt linux webserver disk so no one can read disk data even he got physical access to the server? the best way, links? thank you
Choose disk encryption or LvM2 Encrypted from the set-up menu when you install it! So no matter if they steal your disks, without your password they're screwed.

You can of course also remove the rescue option from the boot menu and also password protect the Bootloader as well.


But of course you can then make it double difficult, select LUKS or GnuPG and use it on your documents as well, just to be that extra bit "Obstinate!" Privacy is a Right, not a feature!
 

7 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Microsoft Is Using Linux To Protect Its Own Web Site

Here is a great news story: http://story.news.yahoo.com/news?tmpl=story&cid=74&e=9&u=/cmp/13100775 (3 Replies)
Discussion started by: Neo
3 Replies

2. UNIX for Advanced & Expert Users

disk full

Please solve the following NOTICE HTFS:No space on dev hd(1/42) (2 Replies)
Discussion started by: msuheel
2 Replies

3. Linux

Disk full 100%

one of my servers / was full by 100% i cleard some space, now though i have enough space on / partition still df is showing disk usage as 100% am not able to create any single txt file ? why so ? (3 Replies)
Discussion started by: bryanabhay
3 Replies

4. UNIX for Advanced & Expert Users

Is it possible to password protect directories in linux?

Hi, I am using Red Hat OS 5.0, is there any way that i can password protect directories. I know i can change permission so that no other user can access the content, but sometimes in my office environment i need to share vnc terminal with other people from my login itself. So i want that if user... (1 Reply)
Discussion started by: sarbjit
1 Replies

5. UNIX for Advanced & Expert Users

Disk Space full

I was tryin to copy a large file under /tmp location. I guess the disk space got full and i got fork error. Then I tried removing some files but the shell did not let me do anything bash> rm apache22.tar bash: fork: Not enough space bash> pwd /tmp bash> vmstat 1 bash: fork: Not... (3 Replies)
Discussion started by: mohtashims
3 Replies

6. Cybersecurity

How to encrypt / password protect big Linux file?

Hello, i have around 20 backup files tar.gz with sensitive data. The sizes of these files are from around 200MB to around 20GB I want to secure these files so no one can read, use its contents. only me the method of encrypting, password protecting them should be fast, so for example in... (1 Reply)
Discussion started by: postcd
1 Replies

7. Shell Programming and Scripting

Disk full alerts

i want to create 1 script to monitor 1 particular filesystem out of the diferent filesystems. if disk space of that particular filesystem increases by 80% it sends an alert mail to an email id ---------- Post updated at 04:18 PM ---------- Previous update was at 04:17 PM ---------- no. I am... (1 Reply)
Discussion started by: rakeshhhhhhhh
1 Replies

LEARN ABOUT NETBSD

rescue

RESCUE(8)						    BSD System Manager's Manual 						 RESCUE(8)

NAME

     rescue -- rescue utilities in /rescue

DESCRIPTION

     The /rescue directory contains a collection of common utilities intended for use in recovering a badly damaged system.  With the transition
     to a dynamically-linked root beginning with NetBSD 2.0, there is a real possibility that the standard tools in /bin and /sbin may become non-
     functional due to a failed upgrade or a disk error.  The tools in /rescue are statically linked and should therefore be more resistant to
     damage.  However, being statically linked, the tools in /rescue are also less functional than the standard utilities.  In particular, they do
     not have full use of the locale, pam(3), and nsswitch libraries.

     If your system fails to boot, and it shows an error message similar to:

	   init: not found

     try booting the system with the boot flag ``-a'' and supplying /rescue/init, which is the rescue init(8), as the init path.

     If your system fails to boot, and it shows a prompt similar to:

	   Enter full pathname of shell or RETURN for /bin/sh:

     the first thing to try running is the standard shell, /bin/sh.  If that fails, try running /rescue/sh, which is the rescue shell.	To repair
     the system, the root partition must first be remounted read-write.  This can be done with the following mount(8) command:

	   /rescue/mount -uw /

     The next step is to double-check the contents of /bin, /lib, /libexec, and /sbin, possibly mounting a NetBSD installation CD-ROM and copying
     files from there.	Once it is possible to successfully run /bin/sh, /bin/ls, and other standard utilities, try rebooting back into the stan-
     dard system.

     The /rescue tools are compiled using crunchgen(1), which makes them considerably more compact than the standard utilities.

FILES

     /rescue  Root of the rescue hierarchy.

SEE ALSO

     crunchgen(1)

HISTORY

     The rescue utilities first appeared in NetBSD 2.0.

AUTHORS

     The rescue system was written by Luke Mewburn <lukem@NetBSD.org>.	This manual page was written by Simon L. Nielsen <simon@FreeBSD.org>,
     based on text by Tim Kientzle <kientzle@FreeBSD.org>.

BUGS

     Most of the rescue tools work even in a fairly crippled system.  The most egregious exception is the rescue version of vi(1), which currently
     requires that /usr be mounted so that it can access the termcap(5) files.	Hopefully, a failsafe termcap(3) entry will eventually be added
     into the curses(3) library, so that /rescue/vi can be used even in a system where /usr cannot immediately be mounted.  In the meantime, the
     rescue version of the ed(1) editor can be used from /rescue/ed if you need to edit files, but cannot mount /usr.

BSD
								 January 20, 2009							       BSD
All times are GMT -4. The time now is 04:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy