Re: disk encryption for remote server

2024-05-27 Thread Abel Abraham Camarillo Ojeda
I keep a /crypt noauto partition that I mount manually by passphrase via ssh after the server is booted. And don't keep 'sensitive' info in other partitions... On Mon, May 27, 2024 at 11:57 AM <04-psyche.tot...@icloud.com> wrote: > Thanks all for your thoughts. > > Regarding the remote serial co

Re: disk encryption for remote server

2024-05-27 Thread 04-psyche . totter
Thanks all for your thoughts. Regarding the remote serial console access, unfortunately, it is not possible in my case. I do not have IPMI or something similar :( On Mon, 27 May 2024 at 08:17, Manuel Giraud < manuel_at_ledu-giraud_fr_rmp93abv53d47h_m6783...@icloud.com> wrote: > Stefan Kreutz wr

Re: disk encryption for remote server

2024-05-27 Thread Manuel Giraud
Stefan Kreutz writes: > Can you access the machine's serial console, maybe redirected over IP? I concur that a remote serial console access (maybe via a web interface serviced by your provider) is your best option here. I used to do (almost) FDE without console access but here is list of drawba

Re: disk encryption for remote server

2024-05-27 Thread Ampie Niemand
On Sun, May 26, 2024 at 08:33:59PM +0100, 04-psyche.tot...@icloud.com wrote: Hi everyone, Is there any way to use disk encryption without having physical access to the device? You could use a USB keydisk (make sure you, and your assistant on the remote server, have copious backup(s) of this!

Re: disk encryption for remote server

2024-05-26 Thread Crystal Kolipe
On Sun, May 26, 2024 at 08:33:59PM +0100, 04-psyche.tot...@icloud.com wrote: > Is there any way to use disk encryption without having physical access to > the device? Yes, it is possible. But I think you are talking about full disk encryption and want to enter a passphrase at the bootloader promp

Re: disk encryption for remote server

2024-05-26 Thread Stefan Kreutz
Can you access the machine's serial console, maybe redirected over IP? On Sun, May 26, 2024 at 08:33:59PM GMT, 04-psyche.tot...@icloud.com wrote: > Hi everyone, > > Is there any way to use disk encryption without having physical access to the > device? > > A few potential ideas: > - is there a

disk encryption for remote server

2024-05-26 Thread 04-psyche . totter
Hi everyone, Is there any way to use disk encryption without having physical access to the device? A few potential ideas: - is there a way to enter the encryption passphrase via ssh? - is there a way to create a non encrypted partition on the same hard drive, where the keydisk would be stored,