iMeddles

@iMeddles@infosec.pub

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Simple safe encryption for a server?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I worte a guide last year on how I do network bound encryption - that is the disk will automatically decrypt at boot if it’s connected to my home network, but not if the disk or machine is removed from my house. The advantage over the dropbear method is that you can set unattended upgrades to auto reboot your server whenever it installs security updates, and it’ll come back up with no manual intervention from you.
⁨Comment⁩ on ⁨Do you run a private CA? Could you tell me about your certificate setup if you do?⁩ ⁨⁨11⁩ ⁨months⁩ ago⁩:
I don’t at the moment, because I don’t have a need for it, but I did for a while run a PoC with Step CA, and that seems like the easiest way to get up and running, even if its features are overkill for a home lab.