Comment on Help wanted: best Home server, Nextcloud, Atomic setup with DynDNS?
boredsquirrel@slrpnk.net 5 weeks ago
Thanks for the tips!
Both SSDs are SATA and I want to LUKS encrypt both too.
So automatic updates could work, but I guess I would need to manually reboot as there is no remote LUKS unlock option. Debian has one?
That would also be a reason against Fedora with its very fast release cycle.
poVoq@slrpnk.net 5 weeks ago
I would carefully think about what realistic threat scenario full disk encryption protects you from.
On a server that runs 24/7 at-rest disk encryption usually helps very little, as it will be nearly always unencrypted. But it comes with significant footguns potentially locking you out of the system and even preventing you from accessing your data. IMHO in most cases and especially for beginners I would advise against it for a home based server.
boredsquirrel@slrpnk.net 5 weeks ago
Hm, so when using Nextcloud, is the db itself encrypted or something?
All my devices are encrypted.
Access to the decrypted data requires RAM access, i.e. cold boot attack. Or access to the server via ssh (fail2ban, strong keys) or the admin or user nextcloud accounts (again with strong passwords and possibly TOTP or webauthn).
I already fiddled with the required Nextcloud add-ons for TOTP and it worked great. WebAuthn is an Android/GrapheneOS limitation, unfortunately; maybe that gets fixed some day.
The issue of course is upgrades. I should do a second post on that topic. There are solutions for that, like mounting encrypted partitions and running Nextcloud on there. This could be automated.
For the obvious raid attack, I would have a udev rule that detects when AC is disconnected and then performs a clean shutdown.
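The AC-loss shutdown described in the comment above, as an added example that is not code from the thread: a udev rule plus a small POSIX sh handler that powers the machine off cleanly once mains power has been gone for a few seconds, so the LUKS volumes end up locked instead of sitting open in RAM. The rule path, handler path, the supply name "AC" and the 5-second grace period are assumptions; it expects a systemd host whose mains adapter or UPS driver appears under /sys/class/power_supply.

```shell
#!/bin/sh
# Added example, not code from the thread. Paths and names below
# (/etc/udev/rules.d/99-ac-loss.rules, /usr/local/sbin/ac-loss-handler,
# the supply name "AC") are assumptions for a systemd host whose mains
# adapter or UPS driver shows up under /sys/class/power_supply.

# udev rule text: fire on change events where a Mains supply reports offline.
UDEV_RULE='ACTION=="change", SUBSYSTEM=="power_supply", ENV{POWER_SUPPLY_TYPE}=="Mains", ENV{POWER_SUPPLY_ONLINE}=="0", RUN+="/usr/local/sbin/ac-loss-handler"'

# Parse a power_supply uevent file (key=value lines) and succeed only if it
# describes a Mains supply that is currently offline.
mains_is_offline() {
    _type="" ; _online=""
    while IFS='=' read -r key value; do
        case "$key" in
            POWER_SUPPLY_TYPE)   _type=$value ;;
            POWER_SUPPLY_ONLINE) _online=$value ;;
        esac
    done < "$1"
    [ "$_type" = "Mains" ] && [ "$_online" = "0" ]
}

# Re-check after a grace period so a brief brownout or a jiggled plug does
# not take the server down. $1 = uevent path, $2 = seconds to wait.
confirmed_ac_loss() {
    mains_is_offline "$1" || return 1
    sleep "$2"
    mains_is_offline "$1"
}

# Entry point of the handler script (the installed copy ends with
# `ac_loss_main "$@"`). udev kills RUN+= programs that linger, so the
# grace-period wait is handed to a transient systemd unit that re-invokes
# this script with --confirm and the uevent path of the device udev saw.
ac_loss_main() {
    case "${1:-}" in
        --confirm)
            if confirmed_ac_loss "$2" 5; then
                logger -t ac-loss "mains offline for 5s, powering off to lock disks"
                systemctl poweroff
            fi ;;
        *)
            systemd-run --quiet --collect "$0" --confirm \
                "/sys${DEVPATH:-/class/power_supply/AC}/uevent" ;;
    esac
}
```

Install with `printf '%s\n' "$UDEV_RULE" > /etc/udev/rules.d/99-ac-loss.rules` and `udevadm control --reload`; `udevadm monitor --property` while unplugging the adapter shows whether your hardware really emits the Mains/ONLINE=0 event the rule matches on.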
poVoq@slrpnk.net 5 weeks ago
No, the Nextcloud DB is not encrypted, but neither is your LUKS file system while the computer is running. Anyone getting access to the server while it is running can access all the data unencrypted. For a server this is the much more likely scenario than for a laptop, which might get stolen while turned off.
At-rest disk encryption is useful for servers in co-location hosting, where a 3rd party might be able to pull a disk from the system, or if you are a large data-center that regularly discards old drives with customer data, and you want to ensure that no 3rd party can access that data from the discarded drives.
boredsquirrel@slrpnk.net 5 weeks ago
Yes the threat model is people pulling out the drive, of course.
How should they get access to the server when it is running? You still need to connect to it and log in, which wouldn't be the case.
boredsquirrel@slrpnk.net 5 weeks ago
The threat scenario is currently very harmless, but I had situations where Raids could be likely. This is always a shitty case, you need to hide a backup laptop in a different location etc.
But honestly I just find this security hacking a ton of fun.