![](https://seccdn.libravatar.org/avatar/c18a749dda699514c262030be9e0ded9.jpg?s=120&d=mm&r=g)
On 6/19/06, jfweber@gilweber.com wrote:
On June Saturday 17 2006 3:59 pm, John R. Sowden wrote: ,snip>
I wonder tho, returning to the idea of encrypting the /boot area; Knoppix might still run, even tho it ought not do so. And that opens the whole hard drive , if it ( Knoppix) boots. Any one have any real life experience to help there? ( we are small company and so far as I can tell a laptop for testing will have to be a private personal purchase... <sigh> ( if we ever go big, I want a huge raise <g>)
If the case is just to not allow someone with no permanent physical access to the machine, just set the password for the BIOS, and in BIOS disable booting from CDROM, USB, floppy. This will not help if someone has real physical access though, as he/she can open the machine and reset the BIOS password, or just unplug the HDD and attach it to another machine for reading. Then your only safeguard is encrypted fs. -- -- Svetoslav Milenov (Sunny) Windows is a 32-bit extension to a 16-bit graphical shell for an 8-bit operating system originally coded for a 4-bit microprocessor by a 2-bit company that can't stand 1 bit of competition. -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com