How would you protect files of a VPS (Virtual Private Server) from snooping by the service provider?

      • boredsquirrel@slrpnk.net
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        2 months ago

        Pretty cool!

        Android and ChromeOS both also just use fuse for userspace encryption. This could totally be used too.

        But of course, if something is not on your RAM it is not safe

    • JubilantJaguar@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      Another option: encrypt a sparse file rather than a disk volume. Mount the file to local filesystem and open and close it there.

      • Zikeji@programming.dev
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 months ago

        LUKS, or anything that relies on the server encrypting, is highly vulnerable (see schizo@forum.uncomfortable.business’s response).

        Your best bet would be encrypting client side before it arrives on the server using a solution like rclone, restic, borg, etc.

      • lud@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Yeah, at least the ones I used have some kind of console/terminal you can use and often you can access BIOS and reinstall the OS if you want.