[CentOS] securing a remotely hosted machine
Les Mikesell
lesmikesell at gmail.com
Fri Aug 20 15:28:13 UTC 2010
On 8/20/2010 9:55 AM, Brunner, Brian T. wrote:
>
> 3: When you first build the system, ghost/image the boot/root/usr (bru)
> drive onto a spare backup, verify the backup boots the machine the same
> as the main drive.
> 4: have the backup bru drive mailed to you, dupe it, and rsync the
> remote bru to your local copy whenever you make a change to the remote
> bru.
This part tends to be problematic when the system is remote and you need
hands-on access for the install. It would be much nicer to build
locally and ship the initial drives.
> 5: In the event of fire, vandalism, or other urgent cause, your cluster
> can appear on a new server rapidly. Just FedEx ghosts of your locally
> stored bru drive rsynced from what were your remote machines, and (on
> similar hardware) they should turn-key boot and run.
Try it - you won't like it. If the MAC addresses of the NICs don't
match what is configured, the network won't come up. Have fun with that
when you've broken the local keyboard/monitor. I ship clonezilla-copied
drives around fairly often, but bringing them up always involves local
operators that know their way around linux enough to get the right IPs
assigned to the right interfaces. I suppose if I had a dhcp server on
all the destination networks I could watch for the IP they give out,
then connect and change it but that's not very convenient either so
sometimes I end up shipping the whole servers around.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list