On Fri, Apr 3, 2009 at 3:25 PM, Paul Heinlein <heinlein at madboa.com> wrote: > On Fri, 3 Apr 2009, Paul Heinlein wrote: >> On a server with untrusted users, however, I'd keep it decrypted. > Er, I'd keep it encrypted. > There's also the issue of how it gets stored in your backup system. During the very recent (March 21st?) attack on <http://www.webhostingtalk.com/> the backup server(s) were attacked first. That made it much more difficult for them to get the site up and running properly. I'm not sure if they have it fully restored yet. Backup servers need *maximum* protection too......