File system encryption on VPS?

M

mihavxc2011-05-23 11:37:01

Encryption

mihavxc, 2011-05-23 11:37:01

I plan to rent an average VPS (debian) for hosting a couple of personal blogs, a place for backing up personal photos and sharing.
I want to make sure the pictures are a bit safer. Do I understand correctly that hosting owners will be able to connect my container file with FS to another virtual machine and see all the contents?
Given that only I have root access, do I need to install cryptsetup for transparent encryption (so that decrypted versions are also available via ftp / webdav) or are there simpler options?

Reply

Answer the question

In order to leave comments, you need to log in

6 answer(s)

A

antivir, 2011-05-23
@antivir

It is unlikely that this will protect you from the hoster, because nothing prevents him from taking a snapshot / copy of your partition at the moment when the encrypted partition / container is available for reading.

V

Vlad Zhivotnev, 2011-05-23
@inkvizitor68sl

en.wikipedia.org/wiki/EncFS
Of course, it doesn't work if you take VPS on OpenVZ/Jail. Often with Xen it is possible to get root access to the guest. KVM, VMware, Vbox will do.

P

Puma Thailand, 2011-05-23
@opium

To be honest, nothing will save you if the hoster wants to see your files.
Since you will not encrypt the root partition anyway.
Get a dedicate.

X

xdemon, 2011-05-23
@xdemon

You can crypt the root partition, provided that it is entirely hardware virtualization and there is access to pseudo-KVM. Hardware is KVM, XEN-HVM, VirtualBox, XenServer, ESX/ESXi

A

afiskon, 2011-05-23
@afiskon

If you post pictures on someone else's machine, hardly any encryption will help.

Q

qxfusion, 2012-11-05
@qxfusion

In the case of OpenVZ, almost nothing, for other hypervisors (1) install the kernel with patches for RAM encryption (performance drops several times) (2) system integrity control (list of processes, disk, etc.)