On Mon, 31 Mar 2008 07:36:52 +0100, Dirk Heinrichs wrote:

> > That still means your keys are readable all the time,
>
> By root only, chmod 400 is your friend.

But still readable.
>
> > whereas mine
> > disappear long before the network comes up.
>
> So what? If somebody cracks into your box and gains root access, he
> can't mount /boot and take the keys?

That's right, because the keys aren't in /boot ;-)


--
Neil Bothwick

WITLAG: The delay between delivery and comprehension of a joke.