From owner-freebsd-questions@FreeBSD.ORG Tue Mar 3 20:19:00 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64ED51065675 for ; Tue, 3 Mar 2009 20:19:00 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from mail.potentialtech.com (internet.potentialtech.com [66.167.251.6]) by mx1.freebsd.org (Postfix) with ESMTP id 342798FC1D for ; Tue, 3 Mar 2009 20:18:59 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from vanquish.ws.pitbpa0.priv.collaborativefusion.com (pr40.pitbpa0.pub.collaborativefusion.com [206.210.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.potentialtech.com (Postfix) with ESMTPSA id 095A0EBC0A; Tue, 3 Mar 2009 15:18:58 -0500 (EST) Date: Tue, 3 Mar 2009 15:18:57 -0500 From: Bill Moran To: David Karapetyan Message-Id: <20090303151857.3624e24b.wmoran@potentialtech.com> In-Reply-To: <20090303200239.GA363@vagrant.nomad.nd.edu> References: <49AD8623.6050007@eskk.nu> <20090303200239.GA363@vagrant.nomad.nd.edu> X-Mailer: Sylpheed 2.6.0 (GTK+ 2.14.7; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Server encryption X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2009 20:19:01 -0000 In response to David Karapetyan : > Hello, I was wondering if it was a worthwhile endeavor to encrypt a > backup hard drive on a server that I currently have in my office at > school (I am a graduate student). I do have sensitive data on it > (backups of my mail, as well as an msmtprc file that contains the > password to a gmail account of mine). I am not particularly worried > about theft of my server, but you never know. Am I simply being > paranoid, or is there a considerable risk when one does not encrypt? If you don't encrypt the data and the server is stolen, the thief has your data if he wants it. If you do encrypt it, the thief has to go to considerable length to steal the system without powering it down, and even then it's difficult to get the actual data. Most thieves don't care about your data. The value of the hardware is enough, and they'll probably reformat the HDD with a bootleg Windows Vista install anyway. You have to decide for yourself whether you feel the risk justifies the effort. Keep in mind that if you encrypt the drive, you'll have to enter the password any time the system is rebooted (such as after a power outage). Hope this helps. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/