Hi all,

I boot many of my storage machines from thumb drives that contain /boot and /etc/fstab. Everything else is loaded/mounted from GELI encrypted disks within the box.

Backups/archives on some of these boxes are not within the standard AMANDA regimen. They are under special (manual) backup routines. I have three 'standard' procedures:

- a remote backup server will temporarily attach and mount a GELI encrypted partition and "rsync" (via SSH) the data from the live server, and then umount and detach the drive when rsync completes

- rsync is run continuously from the live storage server over SSH to a remote backup server (ie: hot spare (essentially))

- a local drive (local, relative to the site... eg: a USB/IDE drive directly connected) is (GELI) attached, mounted, and the original contents are then rsync'd

The objective of these methods is to ensure that if the hardware is unplugged and moved without authorization, I'll have enough time to make critical decisions before the data could possibly be retrieved. (GELI is protected by keys which are not on site, and by passphrase).

What I'd like to know, is if it's possible to somehow check to see if there are any GELI 'attach'ed disks on a given system that have not yet been mounted (or, iow, were umount'd, but were left attached).

#dmesg doesn't say much in this regard, and I couldn't find out by listing /dev either.

Any tricks to find out what GELI knows? I want to automate everything except the insertion of the keys, which will always be manual. Knowing how to identify what is attached but not mounted would be a good start.

Steve
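Added example, not part of the original post: one way to list GELI providers that are attached but not mounted is to compare the provider names from `geli status` with the devices in `mount -p`. The function name, the sample text and the assumed column layouts are constructed for illustration.

```sh
#!/bin/sh
# Added example: report GELI providers that are attached but not mounted.
# Assumes FreeBSD `geli status` (columns: Name Status Components) and
# `mount -p` (fstab-style lines: device mountpoint fstype options ...).

# Constructed sample output, used when geli(8) is not available.
SAMPLE_GELI='        Name  Status  Components
  ada0p3.eli  ACTIVE  ada0p3
   da1p1.eli  ACTIVE  da1p1
gpt/bak0.eli  ACTIVE  gpt/bak0'
SAMPLE_MOUNT='/dev/da0s1a      /boot  ufs    rw  1 1
/dev/ada0p3.eli  /      ufs    rw  1 1
devfs            /dev   devfs  rw  0 0'

# attached_unmounted GELI_STATUS_TEXT MOUNT_P_TEXT
# Prints each attached .eli provider that is not the device of any mount.
attached_unmounted() {
    printf '%s\n@@MOUNTS@@\n%s\n' "$1" "$2" | awk '
        $0 == "@@MOUNTS@@" { in_mounts = 1; next }
        !in_mounts {
            # Skip the header and blank lines; keep provider names only.
            if ($1 !~ /\.eli$/ || ($1 in attached)) next
            attached[$1] = 1; order[++n] = $1
            next
        }
        {
            # mount reports /dev/da1p1.eli, geli reports da1p1.eli.
            dev = $1; sub(/^\/dev\//, "", dev); mounted[dev] = 1
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(order[i] in mounted)) print order[i]
        }'
}

if command -v geli >/dev/null 2>&1; then
    attached_unmounted "$(geli status 2>/dev/null)" "$(mount -p)"
else
    attached_unmounted "$SAMPLE_GELI" "$SAMPLE_MOUNT"
fi
```

A provider used as swap or as a ZFS vdev never appears as a mount device, so it is listed as well and has to be excluded separately before acting on the result.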
