Commit 9c1a74ab authored by Arie Peterson's avatar Arie Peterson 🐚
Browse files

First sketch of security considerations

parent 55bbba4f
# Considerations
## Possible reasons to use cryptops
* You want to make it harder for the hoster's employees to casually view your
* You trust your hoster now, but you want to have an easy way to cut off their
access to your data – maybe when they change owners, or when you anticipate that
they are forced by some authority to grant access to your data.
## Invalid reasons to use cryptops
* You don't trust your hoster, or you fear that they may be forced to grant
access to your data without a timely warning. If your hoster or a powerful
third party really wants to view your data, they could
* install a modified version of cryptops that doesn't really encrypt;
* man-in-the-middle your first ssh connection to the server running in the
initrd, capturing your encryption password when you first enter it;
* access your decrypted data in memory while your vps is active; etc.
It is very hard to prevent someone who has physical access to your (running)
vps from reading your data, and cryptops does not pretend to do so.
## Possible reasons to not use cryptops
* It increases the chance of data loss: if you forget or lose your encryption
password, a single reboot of your vps (for whatever reason) renders your data
irrecoverably lost.
* It can increase downtime of your vps: whenever your vps reboots, you need to
become aware of this (though we have a customisable hook to notify you of this
situation), connect to the vps, and enter your encryption password; only then
can the boot process of the vps continue. All this time the service provided by
your vps is not running.
* You may not need full-disk encryption of your vps: depending on the software
running on your vps, it could be easier to encrypt only some data directories.
On the other hand, it is easy to overlook some sensitive data stored in
configuration, cache files, temporary files, etc.
# Security considerations
See [here](
# Usage
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment