Re: [vserver] Encrypted Vservers

From: Laurens Vets <laurens_at_daemon.be>
Date: Wed 25 Mar 2015 - 17:25:09 GMT
Message-ID: <44193e02515bc603153a7a5b3c43dc7d@daemon.be>

I'll clarify my position a bit :)

The machines are all remote (they do not all have serial connections)
and I want to make sure that if a server is removed or stolen no data
can be obtained from the guests. I also make the assumption here that in
order to remove the server, power will be cut. I don't really care about
the host itself.

Laurens

On 2015-03-25 08:00, Christian Thaeter wrote:
> First and foremost you should define against what threats you want to
> secure the vservers and then think which option would be the best.
>
> For example when you 'only' need a secure data storage you may look
> into ecryptfs or tahoe-lafs.
>
> Don't forget that you need to encrypt swap storage if there is any,
> else secret data might end up unencrypted in the swap storage.
>
> Also when you encrypt vservers independently you lose the ability to
> unify/hashify the files to save storage (and memory).
>
> You also need some way to feed keys to unlock the vservers, which will
> be always the weak link in such a setup.
>
> Bottom line: If in doubt, just encrypt the whole box, that has more
> advantages, less maintenance, fewer problems and is a proven way. I use
> that with dmcrypt'ed partitions and it has worked well for years. If you
> have enough RAM then the performance impact is negligible as frequently
> accessed stuff gets cached.
>
> Christian
>
>
> On 2015-03-25 08:20, Ben Green wrote:
>
>> I have friends who run each guest on its own LVM partition,
>> encrypted. The partition has to be mounted by the host of course, and
>> is therefore accessible to that host. This strategy is to prevent
>> any physical theft of servers resulting in compromised data.
>>
>> I guess it depends on your aims with the encryption.
>>
>> Cheers,
>> Ben
>>
>> Quoting Oliver Welter <mail@oliwel.de>:
>>
>>> Hi,
>>>
>>> the question is what do you expect to be "encrypted"? You can put
>>> the filesystem of the guest onto an encrypted device but AFAIK you
>>> cannot prevent the root host from entering/accessing the context of the
>>> running guest. There is a "Guest Privacy" Flag in the vserver
>>> config, but I am not aware of what exactly it prevents.
>>>
>>> My fastest approach would be to construct a kind of "locked down"
>>> host without root access to prevent administrative staff from
>>> accessing the guest.
>>>
>>> Oliver
>>>
>>> On 25.03.2015 at 01:39, Laurens Vets wrote:
>>>> Hello list,
>>>>
>>>> I'm currently looking for a good way to encrypt Vservers.
>>>>
>>>> Basically what I want is that when I start a vserver, it asks for a
>>>> passphrase before booting further. I do not want to encrypt the
>>>> host itself, only the guests.
>>>>
>>>> What would be the best way of doing this and does anyone have any
>>>> experience in this?
>>>>
>>>> Thanks!
>>
>>
>>
Received on Wed Mar 25 17:25:35 2015
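
Added example, not part of the thread: a check for the theft scenario discussed above, covering both the per-guest encrypted LVM volumes Ben describes and the swap caveat Christian raises. It walks `lsblk -J -o NAME,TYPE,MOUNTPOINT` output and reports guest filesystems or swap areas with no dm-crypt layer beneath them. The `/vservers` guest root, the device names and the sample JSON are assumptions constructed for illustration.

```python
import json

# Constructed sample of `lsblk -J -o NAME,TYPE,MOUNTPOINT` output (not from the thread).
SAMPLE = json.loads("""
{"blockdevices": [
  {"name": "sda", "type": "disk", "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "mountpoint": "/"},
    {"name": "sda2", "type": "part", "mountpoint": "[SWAP]"},
    {"name": "sda3", "type": "part", "mountpoint": null, "children": [
      {"name": "vg0-web", "type": "lvm", "mountpoint": null, "children": [
        {"name": "web_crypt", "type": "crypt", "mountpoint": "/vservers/web"}]},
      {"name": "vg0-mail", "type": "lvm", "mountpoint": "/vservers/mail"}]}]}
]}
""")

GUEST_ROOT = "/vservers"  # assumed guest directory; adjust to the local layout


def unencrypted_mounts(tree, guest_root=GUEST_ROOT):
    """Return sorted (device, mountpoint) pairs for guest filesystems and swap
    areas that have no dm-crypt layer anywhere between them and the disk."""
    findings = []

    def walk(node, under_crypt):
        # A device counts as protected if it or any ancestor is a crypt mapping.
        under_crypt = under_crypt or node.get("type") == "crypt"
        mp = node.get("mountpoint")
        in_scope = mp == "[SWAP]" or (mp or "").startswith(guest_root + "/")
        if in_scope and not under_crypt:
            findings.append((node["name"], mp))
        for child in node.get("children", []):
            walk(child, under_crypt)

    for dev in tree["blockdevices"]:
        walk(dev, False)
    return sorted(findings)


if __name__ == "__main__":
    # On a real host, feed in json.loads() of the lsblk output instead of SAMPLE.
    for name, mp in unencrypted_mounts(SAMPLE):
        print(f"NOT ENCRYPTED: {name} mounted at {mp}")
```

In the sample, the `web` guest sits on a crypt mapping and passes, while the `mail` guest and the swap partition are reported because their contents would be readable from a stolen disk.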
