* [PVE-User] How to secure the PBS Encryption Key
@ 2021-11-01 13:58 Tom Weber
0 siblings, 0 replies; only message in thread
From: Tom Weber @ 2021-11-01 13:58 UTC (permalink / raw)
To: pve-user
Hello,
in
https://forum.proxmox.com/threads/cant-set-an-symlink-in-etc-pve-for-zfs-encryption.96934/
fireon describes his problem securing the PBS encryption key.
I think his solution is only a workaround.
Suppose I encrypt local VM/Data storage on a node (without the / beeing
unencrypted for ease of booting/remote management), I end up with a PBS
Encryption Key lying around in clear that anyone who can get hands on the
machine can get.
Now all it needs is access to a remote PBS with the synced encrypted Backups
to get all the protected data that was in the VMs/CTs lying on encrypted
storage of the orignal node.
This is probably not a Problem of PVE or PBS on their own. But in
combination I think it's a weakness. "Stealing" hardware should not give you
such cleartext keys.
Any idea how to circumvent this? My first idea was the same direction as
fireon's by symlinking the key from some secure space - but this obviously
doesn't work.
Some way to manually unlock the key after booting the node or maybe an area
(folder) in /etc/pve/ that'd need unlocking for storing such information -
though that's probably quite some development effort?
Best,
Tom
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-11-01 14:02 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-01 13:58 [PVE-User] How to secure the PBS Encryption Key Tom Weber
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox