
gagootron
@gagootron@feddit.org
- Comment on Anyone use Clevis + Tang to protect data on their home server? 2 weeks ago:
The benfit of tang is that you don’t store the secret on a shared server.
The server has a single keypair that it reuses for every client, and each client has thier own keypair.
The encryption key can only be recovered when the client and server perform thier handshake. And only the client gets the key, the server cannot see it.
- Comment on How do you protect a remote backup from a compromised account? 3 weeks ago:
A system like proxmox backup server can do this scurely. There you can create a user that can only add new backups and read the existing ones, but cannot delete any or read anything else on the remote host.
Otherwise if you only care to protect the remote machine, then something like an ssh chroot jail would also work.
- Comment on Messed up an old kindle 4 weeks ago:
looks to me like you connected some pads right under the pad you ripped off. Maybe you shorted a power rail there?