[kwlug disc.] Protecting confidential data on a server

Paul Nijjar paul_nijjar at yahoo.ca
Thu Aug 28 20:18:57 EDT 2008


Dear Ann Landers, 

I have a bad feeling about asking this question, but here goes: I have
some data on a Linux server that needs to stay confidential even if
the computer in question is stolen. Most of this data lives in a MySQL
database, but for the sake of argument let's say that some lives in
arbitrary files elsewhere. 

From what I have been reading, the easy answer to this seems like
"keep all the data in an encrypted partition, and encrypt your swap."
But this data lives on a server far away[0] and from what I can tell I
have to manually type in a passphrase every time the machine boots and
wants to mount this passphrase. This sounds like a big hassle too. 

In my ideal fantasy world, I would get the following behaviour: 

0. If the server has not been stolen or broken into and it powers off
  for some reason then it reboots and we go on with our lives. 

1. If the server has been stolen or broken into, the server is unable
  to mount its protected data. 

2. I can install and maintain such a system without tearing out the
  rest of my hair. 

I could live with a solution like the following:

0. One of our internal servers serves as an "authentication server".
(Using some technology I am not aware of now, but might be RADIUS?)

1. The Linux box which has the confidential data asks the
authentication server for permission to mount the confidential
partition. Both of these can see each other by virtue of being on our
intranet. 

2. If the lightning storm knocks out both the authentication server
and the Linux box, then maybe I am hosed and have to recover manually.
Otherwise, the Linux server can come up on its own.

3. If the Linux server is stolen, it can't reach the
authentication server and refuses to mount the encrypted partition. 

4. If I feel like something is fishy, I can go onto the authentication
server and tell it to refuse authentication to the Linux box. 

What do you think, Ann? Is there any hope for me? What are you doing
to deal with confidential data on your servers?

- Paul

[0] Well, it is not that far, but it's not across the hall, either.
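
One way to implement the "authentication server" arrangement sketched in the message above (an added example, not part of the original post): a boot-time script asks an intranet key server for the LUKS key over mutually authenticated HTTPS and leaves the volume locked if the request fails, as it would off-site or after the admin revokes the host. The server URL, certificate paths, device and mount point are hypothetical, and the key server itself is assumed to exist and to be reachable only from the intranet.

```shell
#!/bin/sh
# Added illustration: fetch the volume key from an intranet key server at boot
# and unlock a LUKS partition, failing closed. All names below are assumptions.
KEY_URL="${KEY_URL:-https://authserver.intranet.example/keys/dbserver}"  # hypothetical
TLS_DIR="${TLS_DIR:-/etc/unlock}"       # hypothetical: CA cert and this host's client cert
LUKS_DEV="${LUKS_DEV:-/dev/sdb1}"       # hypothetical encrypted partition
MAP_NAME="${MAP_NAME:-confidential}"
MOUNT_POINT="${MOUNT_POINT:-/srv/confidential}"

# Ask the authentication server for the key. --fail turns an HTTP error
# (for example, the admin has revoked this host) into a non-zero exit with
# no output; --max-time bounds the wait when the intranet is unreachable.
fetch_key() {
    curl --silent --fail --max-time 10 \
         --cacert "$TLS_DIR/ca.pem" \
         --cert "$TLS_DIR/client.pem" --key "$TLS_DIR/client.key" \
         "$KEY_URL"
}

# The key arrives on stdin, so it is never written to the local disk.
open_volume() {
    cryptsetup luksOpen --key-file - "$LUKS_DEV" "$MAP_NAME"
}

mount_volume() {
    mount "/dev/mapper/$MAP_NAME" "$MOUNT_POINT"
}

# Returns 0 = mounted, 1 = key refused or server unreachable,
# 2 = key did not open the volume, 3 = mount failed.
unlock_confidential() {
    # Assumes a text key (e.g. base64): $(...) cannot hold NUL bytes.
    key=$(fetch_key) || { echo "unlock: no key released; volume stays locked" >&2; return 1; }
    [ -n "$key" ] || { echo "unlock: empty key; volume stays locked" >&2; return 1; }
    printf '%s' "$key" | open_volume || { unset key; return 2; }
    unset key
    mount_volume || return 3
}

# Run from an init script as: UNLOCK_NOW=1 sh unlock.sh
if [ "${UNLOCK_NOW:-0}" = 1 ]; then
    unlock_confidential
fi
```

The client certificate lives on the same disk as the encrypted partition, so the protection against theft comes from the key server being unreachable from outside the intranet and from revoking the host on the server.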


