Date: Fri, 26 Apr 2002 07:32:11 +1200 (NZST) From: Andrew McNaughton <andrew@scoop.co.nz> To: ANdrei <andrei@abc.ro> Cc: security@FreeBSD.ORG Subject: Re: apache Message-ID: <20020426072641.W22173-100000@a2> In-Reply-To: <3CC851E7.3529C7AB@abc.ro>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Apr 2002, ANdrei wrote: > let me give you a scenario that i want solved :) > > i have a webserver that needs to run apache with SSL (httpd -SSL, if i > remember correctly), but the server is not considered to be secure > enough to have an unencrypted key on it's hard drives... so the key is > crypted, but then, again, apache is unable to start with SSL enabled if > somebody doesn't enter the passphrase by hand... i'm talking about > apache with mod-ssl, it's one of many big servers, and any minute of it > not being up is a big pain in the ass, so starting apache on every > server every time by entering the passphrase by hand is not what i am > looking for... starting it from a script where the passphrase is plain > text is also considered to be insecure for what i need.... Either your server has access to the key or it doesn't. If your server has access to the key then someone who gets root on the box can get the key. There is NO way around this. If you think it's any improvement, you can have your script contact another box for the passphrase, and that will mean you can at least log the event reliably. It might still involve human entry of the passphrase, but at least you can centralise that. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020426072641.W22173-100000>