> Just pull one hdd out,

That only works with RAID 1. If the server uses RAID 5 or RAID 6, this won’t work.

> extract what you need

Well, yes. This is addressed in the FAQ.

> or change the image.

> Then you turn off the server, and just start a vm with the captured init and capture the key.

Well, as explained in the FAQ, an attacker will have to do so quickly, before the Mandos server decides that the Mandos client has been offline for too long, and disables that client. The default value is five minutes, but is configurable per client.