Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Any XenPV LUKS Full disk encryption tutorial(for SolusVM)?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Any XenPV LUKS Full disk encryption tutorial(for SolusVM)?

Has anyone setup Full-disk LUKS encryption on Xen PV (managed by SolusVM) for one of the Debian-based distros?

Comments

  • BoxodeBoxode Member

    Such encryption can be broken into in a shared-VM environment AFAIK.

  • KuJoeKuJoe Member, Host Rep

    Boxode is correct. If it's a virtual machine then your provider (or anybody else with physical access to the node) has access to the encryption keys.

    Thanked by 1vimalware
  • BoxodeBoxode Member

    KuJoe said: Boxode is correct. If it's a virtual machine then your provider (or anybody else with physical access to the node) has access to the encryption keys.

    Really depends on how the keys themselves are stored, but yeah for the most part the encryption is useless because anybody with physical access to a node can scan the ram for the keys :(

    Thanked by 1vimalware
  • vimalwarevimalware Member
    edited July 2014

    Thanks for the reminder. I've read the other threads discussing it. :)

    I'm still curious if anyone's attempted the process with Xen PV.
    LVM over LUKS on KVM is pretty straightforward with manual ISO installation.

    The only resources for Xen Virtualization I've found are Linode specific:

    http://spin.atomicobject.com/2013/03/18/linux-encryption-cloud-luks-linode/

    https://library.linode.com/security/full-disk-encryption

Sign In or Register to comment.