Remotely decrypting a server (Linux)

[Niall <phierstarter () gmail com>]

Hi folks,

I have a tricky one here where i need to find a way to securely
authenticate a decryption mechanism of some sort where the
authentication is provided remotely without any user-interaction.

Right now i have a number of boxes that all inform a central server
when they are online. When they do this an OpenVPN connection is set
up between them and the server.

However, i have been given the task to ensure that the scripts
involved in this process are encrypted by default. This requires some
form of self-decryption, which to my mind kind of goes against the
whole idea of encryption/authentication in the first place.

I need some way to leave decrypted the bare essentials required to
boot a box and securely connect to the central server automatically.
Then the server would automatically send a key/passphrase and the rest
of the files on the box would then be decrypted on the fly.

If anyone knows of any software that provides this (maybe through
VMs?) it would be greatly appreciated.

I should add hat i'm also open to the idea of self-encrypting hard
disks, but what i've read about these in regards to Linux support has
put me off the whole TCG model.

Thanks.


-- 
Niall

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------