Forgot your password?
typodupeerror

Submission Summary: 0 pending, 1 declined, 3 accepted (4 total, 75.00% accepted)

+ - Prevent my hosting provider from rooting my server-> 3

Submitted by
hacker
hacker writes "I have a heavily-hit public server (web, mail, cvs/svn/git, dns, etc.) that runs a few dozen OSS project websites, as well as my own personal sites (gallery, blog, etc.). From time to time, the server has "unexpected" outages, which I've determined to be the result of hardware, network and other issues on behalf of the provider. I run a lot of monitoring and logging on the server-side, so I see and graph every single bit and byte in and out of the server and applications, so I know it's not the OS itself.

When I file "WTF?" style support tickets to the provider through their web-based ticketing system, I often get the response of "Please provide us with the root password to your server so we can analyze your logs for the cause of the outage." Moments ago, there were 3 simultaneous outages, while I was logged into the server working on some projects. Server-side, everything was fine. They asked me for the root password, which I flatly denied (as I always do), and then they rooted the server anyway, bringing it down and poking around through my logs anyway. This is at least the third time they've done this without my approval or consent.

Is it possible to create a minimal Linux boot that will allow me to reboot the server remotely, come back up with basic networking and ssh, and then from there, allow me to log in and mount the other application and data partitions under dm-crypt/loop-aes and friends?

With sufficient memory and CPU, I could install VMware and run my entire system within a VM, and encrypt that. I could also use UML, and try to bury my data in there, but that's not encrypted. Ultimately, I'd like to have an encrypted system end-to-end, but if I do that, I can't reboot it remotely without entering the password at boot time. Since I'll be remote, that's a blocker for me.

What does the Slashdot community have for ideas in this regard? What other technologies and options are at my disposal to try here (beyond litigation and jumping providers, both of which are on the short horizon ahead)."

Link to Original Source

In 1869 the waffle iron was invented for people who had wrinkled waffles.

Working...