I was wondering if an encrypted filesystem could be read while it was opened if:
a)s/he has physical access to the box while it's turned on.
b)the attacker does not have a login to the box.
c)the only link it has to the internet is ssh.
d)only root can mount external media sources (usb drives/cd's)
If so, what precautions could I take against this? I need a way to secure files on a server, but have it so some relatively average computers users can access the files contained on it (basically I don't feel like educating them about encryption keys). The only thing I'm worried about is a nosey administrator on campus trying to peak into it, not the NSA or anyone.
Thanks!
EDIT: typo in the title...my bad.