From owner-freebsd-questions@FreeBSD.ORG Tue Mar 3 20:32:18 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA478106564A for ; Tue, 3 Mar 2009 20:32:18 +0000 (UTC) (envelope-from dkarapet@nd.edu) Received: from mx-p1.cc.nd.edu (mx-p1.cc.nd.edu [129.74.250.57]) by mx1.freebsd.org (Postfix) with ESMTP id 743798FC16 for ; Tue, 3 Mar 2009 20:32:18 +0000 (UTC) (envelope-from dkarapet@nd.edu) Received: from osgood.cc.nd.edu (osgood.cc.nd.edu [129.74.250.227]) by mx-p1.cc.nd.edu (Switch-3.3.0/Switch-3.3.0) with ESMTP id n23KVOW8020639 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 3 Mar 2009 15:31:24 -0500 Received: from localhost (vagrant.math.nd.edu [129.74.203.241]) (authenticated bits=0) by osgood.cc.nd.edu (Switch-3.2.2/Switch-3.2.2) with ESMTP id n23KWD3N021359 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 3 Mar 2009 15:32:15 -0500 (EST) Date: Tue, 3 Mar 2009 15:32:13 -0500 From: David Karapetyan To: Bill Moran Message-ID: <20090303203213.GC363@vagrant.nomad.nd.edu> Mail-Followup-To: Bill Moran , freebsd-questions@freebsd.org References: <49AD8623.6050007@eskk.nu> <20090303200239.GA363@vagrant.nomad.nd.edu> <20090303151857.3624e24b.wmoran@potentialtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090303151857.3624e24b.wmoran@potentialtech.com> User-Agent: Mutt/1.5.18 (2008-05-17) X-Source-IP: 129.74.250.227 X-ND-MTA-Date: Tue, 03 Mar 2009 15:31:25 EST Cc: freebsd-questions@freebsd.org Subject: Re: Server encryption X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2009 20:32:19 -0000 Yes, having to enter the password in after reboot is a bit of a pain. That is not all; the encrypted drive must be fsck'd as well, which is a bit annoying. At present, I encrypt secure documents on my laptop, and leave my server unencrypted; thanks to your input, I will continue to do so. Thank you. On Tue, Mar 03, 2009 at 03:18:57PM -0500, Bill Moran wrote: > In response to David Karapetyan : > > > Hello, I was wondering if it was a worthwhile endeavor to encrypt a > > backup hard drive on a server that I currently have in my office at > > school (I am a graduate student). I do have sensitive data on it > > (backups of my mail, as well as an msmtprc file that contains the > > password to a gmail account of mine). I am not particularly worried > > about theft of my server, but you never know. Am I simply being > > paranoid, or is there a considerable risk when one does not encrypt? > > If you don't encrypt the data and the server is stolen, the thief > has your data if he wants it. > > If you do encrypt it, the thief has to go to considerable length to > steal the system without powering it down, and even then it's difficult > to get the actual data. > > Most thieves don't care about your data. The value of the hardware is > enough, and they'll probably reformat the HDD with a bootleg Windows > Vista install anyway. > > You have to decide for yourself whether you feel the risk justifies > the effort. Keep in mind that if you encrypt the drive, you'll have > to enter the password any time the system is rebooted (such as after > a power outage). > > Hope this helps. > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ -- -- Best, David Karapetyan http://davidkarapetyan.com University of Notre Dame Department of Mathematics 255 Hurley Hall Notre Dame, IN 46556-4618 Phone: 574-631-5706 Cell: 202-460-5173 Fax: 574-631-6579