Comment on Encrypting without full disk encryption question
Passerby6497@lemmy.world 11 hours agoOn my TODO list I also have to implement some sort of notification to get an alert when the decryption key is fetched from internet.
Why is it fetchable by arbitrary IPs from the internet? I’d think you’d lock it down to an IP/only make it available locally.
lorentz@feddit.it 8 hours ago
The decryption key is more than 20 random character, so if you get only half of it is not a biggie and it doesn’t look like anything interesting.
It is on the internet mostly because I don’t have anything else to host it locally. But I see some benefit: I wanted for the server to be available immediately after a power failure. If it fetches the key from internet I just need for the router to be online, if it fetches it from the local network I need another server running unencrypted disk.