[dm-crypt] General question: Encrypytion on virtual servers (VPS/Vserver)

michaelof at rocketmail.com michaelof at rocketmail.com
Tue Feb 21 14:42:51 CET 2017


Dear list members,


as a newbie I've read the detailed FAQ at https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions and
was deeply impressed by the carefulness of the author aubout the highly political various perilous aspects of
encryption. Great job, thank you !!!

My intention for a usage of LUKS / cryptsetup are less political, but privacy. To get control back for my private data,
I'm running a Vserver with a complete mail server setup (postfix, dovecot, ...) plus owncloud and a couple of other free
software.

My questions here are of a more general nature, hopefully not be seen as off-topic by the valued list members:

As my Vserver is hardened against potential outside attacks as much as I've been able to, it's currently completely
unprotected against "internal" attacks.  Means that anyone from the hosting company e.g. could clone this Vserver or
copy the unecnrypted virtual disks, even without my knowledge, and access all data on it.

Of course I trust this hosting company, otherwise I wouldn't have chosen them. But I would like to "solve" this generic
issue, if possible, independent of a specific company.

In the German IT journal "c't" I've found an interesting article about encrypting a home server against data theft, if
the home server get's physically stolen. Could easily be done by encrypting the whole disk(s), sure. But imho a very
nice idea of this article was a LXC container based setup. A non-excrypted base setup with more or less only sshd, and
an encrypted container for anything else. Nice idea, because this setup is able to "survive" a reboot after power-loss,
sending an email to the server-owner, notifying him to ssh-login and restart the inner container = entering the
deencryption password(s).

Having read this article, I've started to think about if this scenario wouldn't also be perfectly suitable for my
Vserver requirements.

But when asking the author of this article about some small questions left, he stated his personal opinion that any
encryption on an externally hosted vserver/VPS would be a waste of time. Because the to be entered at boot time
deencryption passwords would be stored in memory of the virtual machine (all is KVM based at this company), they could
easily be read from memory, in case of a "real" attack.

Coming to the point: As this sounds reasonable, is there any chance to circumvent this issue?


Thank you,
Michael




More information about the dm-crypt mailing list