From owner-freebsd-security Thu Apr 25 11:59:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from goanga.com (goanga.com [193.231.240.30]) by hub.freebsd.org (Postfix) with ESMTP id 2407B37B47B for ; Thu, 25 Apr 2002 11:58:57 -0700 (PDT) Received: from abc.ro (goanga.com [193.231.240.30]) by goanga.com (8.11.3/8.11.3) with ESMTP id g3PIwlg58506 for ; Thu, 25 Apr 2002 21:58:53 +0300 (EEST) (envelope-from andrei@abc.ro) Message-ID: <3CC851E7.3529C7AB@abc.ro> Date: Thu, 25 Apr 2002 21:58:47 +0300 From: ANdrei Organization: Cronon AG - tech department X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: de, ro, en MIME-Version: 1.0 To: security@freebsd.org Subject: apache Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org let me give you a scenario that i want solved :) i have a webserver that needs to run apache with SSL (httpd -SSL, if i remember correctly), but the server is not considered to be secure enough to have an unencrypted key on it's hard drives... so the key is crypted, but then, again, apache is unable to start with SSL enabled if somebody doesn't enter the passphrase by hand... i'm talking about apache with mod-ssl, it's one of many big servers, and any minute of it not being up is a big pain in the ass, so starting apache on every server every time by entering the passphrase by hand is not what i am looking for... starting it from a script where the passphrase is plain text is also considered to be insecure for what i need.... hope smbd had this problem already :) ANdrei and smtg else: i think it would be a great thing for this list and the community if people here stop saying shitwords to each other... if someone's annoying you, say it, but say it nicely, or ignore him... guess most of us feel this way... discussions should be constructive, not a desperate search for weak points in the ideas of others or a search for the "best invective", so they end up imho as "almost spam" when considering this is a "security" list... (don't think of anybody special) ----------------------------------[ http://www.goanga.com ]-- Never take life seriously. _ _ Nobody gets out alive anyway. o' \.=./ `o (o o) -----------------------------------------ooO--(_)--Ooo------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message