
[Gnumed-devel] Re: GNUmed (debian) servers and security


From: Andreas Tille
Subject: [Gnumed-devel] Re: GNUmed (debian) servers and security
Date: Tue, 29 Jan 2008 08:02:47 +0100 (CET)
User-agent: Alpine 1.00 (DEB 882 2007-12-20)

On Mon, 28 Jan 2008, James Busser wrote:

> Encryption of the whole hard disk is simple, it is just extremely limiting because it requires that a suitable person must be physically present to input the key from the console any time that the system is rebooted. This would mean that

> ...

Sure, that is what I said in my first posting.  It's a trade-off between
security (against thieves) and flexibility (no remote reboot).

> - if the server is in your office / praxis, the reboot can only be done while there is someone in the office who can input the key from the console... this means that if the computer should reboot in the evening or on the weekend when the doctors may be on call from home (e.g. rebooting after a power brownout) the server will remain offline until the needed person(s) can be available to physically come/go into the office

You must know whether this is acceptable or not - I just wanted to give
the information that it's implemented brain-dead easy to use.

> - the server would also be unable to be kept headless, so you are now talking about having to keep a monitor and keyboard attached along with the ability for someone to interact directly in the physical space which sometimes closets poorly allow :-)

Well, if you wait a minute and type the password you should be safe.  If the
box is not up and running you will probably have mistyped the password and
should retype.  This is no real argument.

> ... this is why previous discussion suggested that for a production server that would run in a medical praxis, the boot volume with the OS could be unencrypted (this would permit tech support to access the machine for system maintenance and permit ssh remote login), so that the IT support people (if trusted with the data partition key) or one of the doctors or administrators can remotely supply the key to mount the data partitions.

Well, you have to decide what fits your use case best ...

> In one other variation described by Tim Churches, the data partition mount key could be kept on USB sticks and these could be kept under special on-site lockup.

And where is the main difference to full hard disk encryption?  You
need physical access as well if you want to plug in the USB stick, right?

Kind regards

         Andreas.

--
http://fam-tille.de
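One way to set up the layout James describes (unencrypted boot volume, encrypted data partition that an admin unlocks over ssh after a reboot), as an added example that is not code from this thread or from the GNUmed project. The device path /dev/sdb1, the mapping name gnumed_data, the mount point and the Debian `service postgresql` command are assumptions; adjust them to the real machine.

```shell
#!/bin/sh
# Helper for the "unencrypted OS, encrypted data partition" layout.
# Assumed (hypothetical) layout: /dev/sdb1 is a LUKS volume, mapped as
# gnumed_data and mounted on the PostgreSQL data directory.
DEV=${DEV:-/dev/sdb1}
NAME=${NAME:-gnumed_data}
MNT=${MNT:-/var/lib/postgresql}
MAPPER_DIR=${MAPPER_DIR:-/dev/mapper}

# /etc/crypttab line for the data volume. "noauto" means the boot does not
# stop to ask for a passphrase, so the box comes back up headless and
# reachable over ssh even when nobody is in the office.
crypttab_entry() {
    printf '%s %s none luks,noauto\n' "$NAME" "$DEV"
}

# True when the device-mapper node exists, i.e. the volume is already open.
is_open() {
    [ -e "$MAPPER_DIR/$NAME" ]
}

# Open, mount and start the database. cryptsetup prompts for the passphrase
# on the terminal, so run it over an interactive session:
#   ssh -t admin@server sudo /usr/local/sbin/unlock-data unlock
# The passphrase never appears on a command line or in shell history.
unlock() {
    if is_open; then
        echo "$NAME is already open" >&2
        return 0
    fi
    cryptsetup isLuks "$DEV" || { echo "$DEV is not a LUKS volume" >&2; return 1; }
    cryptsetup luksOpen "$DEV" "$NAME" || return 1
    mount "$MAPPER_DIR/$NAME" "$MNT" || { cryptsetup luksClose "$NAME"; return 1; }
    service postgresql start
}

# Reverse order before a planned reboot so the database is shut down cleanly
# and the key material is dropped from memory.
lock() {
    is_open || return 0
    service postgresql stop
    umount "$MNT" || return 1
    cryptsetup luksClose "$NAME"
}

case "${1:-}" in
    unlock) unlock ;;
    lock)   lock ;;
    status) if is_open; then echo "open"; else echo "closed"; fi ;;
esac
```

The USB-stick variation from the thread fits the same script by passing `--key-file /media/usbstick/data.key` to the luksOpen call, which is exactly the point Andreas makes: someone still has to be at the box to plug the stick in.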
