原帖由 "双眼皮的猪" 发表:
可以详细一点吗?谢谢....
原帖由 "蓝色虫" 发表:
加密?讨论下
我说下自己的意见,首先创建一个ROOT用户,当然是自己的ID,然后不许所有ROOT用户查看
设置要 chmod 7 0 0 *** ,再chirt(忘了是那个了,汗ing...只知道前面有CH 2个字母) -Rm ***
估计他们谁?.........
Another popular FreeBSD filesystem feature is its integrated encrypted
partitions. FreeBSD supports two different filesystem encryption systems out
of the box: GBDE and GELI. Geom Based Disk Encryption (GBDE) was FreeBSD’s
first encrypted filesystem designed for military-grade use. GELI is a little
more friendly and complies with different standards than GBDE.
GBDE, or Geom-Based Disk Encryption, has specific features for high-security
environments where protecting the user is just as important as concealing
the data. In addition to a cryptographic key provided by the user, GBDE uses
keys stored in particular sectors on the hard drive. If either key is unavailable,
the partition cannot be decrypted. Why is this important? If a secure data
center (say, in an embassy) comes under attack, the operator might have a
moment or two to destroy the keys on the hard drive and render the data
unrecoverable. If the bad guys have a gun to my head and tell me to “Enter
the passphrase or else,” I want the disk system to say The passphrase is
correct, but the keys have been destroyed. I don’t want a generic error saying
Cannot decrypt disk. In the first situation, I still have value as a blubbering
hostage; in the latter, either I’m dead or the attackers get unpleasantly
creative.
欢迎光临 Chinaunix (http://bbs.chinaunix.net/) | Powered by Discuz! X3.2 |