![]() Some providers will give you real remote console access, OVH Go back into the rescue netboot image, but that does not allow you to see theīoot process. Have not booted, the disk might or might not be unlocked, etc. If anything fails, you end up with an unreachable system: it might or might Once unlocked, the normal boot process continues. Server after a reboot and enter the passphrase (this is done inside the To be able to unlock the encrypted disks, you will have to ssh into the Install a Debian system with debootstrap. Point), manually partition the disk, set-up encryption, and LVM and then The image could have a keylogger, but we have to stop the paranoia at some The process is to boot into the rescue image (this is of course a weak link, as Same thing with any dedicated server that has a rescue netboot image. On why I chose it), and some things are specific to them. This was done on my 12 £/month Kimsufi dedicated server, sold by OVH (see my Server, so I think this is all mostly correct. Was doing the same thing (with some slight differences) on his brand new I have done this twice on my servers, and today I was reviewing each step as my friend Good barrier to have to deter entities without big budgets from getting my ![]() I know this is not perfect, and there are possible attacks. Also, I wanted to have all my data securely encrypted. Key into root's authorized_keys file), I wouldn't trust an installationĭone by a third party. All of this without ever accessing the actualĪs much as my provider may have gold standards on how to do things (they don't, thereĪre some very bad practises in the default installation, like putting their SSH To show you how I set up my tiny dedicated server to have encrypted partitions,Īnd to reinstall it from scratch. Very long post ahead (sorry for the wall of text), part of a series of posts on some sysadmin topics, see
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |