1020ps

Unfortunately they don't allow to bring ur own hardware anyway.

Well if u wanna have proper bandwith, the only option is a datacenter in my eyes. So as always when u run something not on premises it has to be safe of local and remote access.

It's sad, that security is not a priority in the development. I will now try to run unraid in a vm and emulate a flash drive including guid on a full encrypted vm host. I will share once it's done.

So u r saying, the person who did it already, is lying? In the quoted other thread another user literally said, he was able to do it.

Do u have a guide how to separate the boot volume from the flash drive so the flash drive will not have any data on it, just being present for the license?

so then i would have to fully emulate a flash drive that it looks like a real one and having a guid. It looks like this guy here managed to have the usb flash drive only for licensing and booting from different disk:

I wanna host the machine in a datacenter. I wanna make sure nobody, even with physical access can read the config or the content.

So the only bullet proof safe way would be having a luks encrypted ubuntu machine starting from usb and asking for the passphrase via ssh by using dropbear. Unraid will than be running in a virtual machine with nested virtualization enabled. All the disks will be passedthrough to the vm. But what about the flash drive for the license then? I read something that it can't be a virtual volume. Can the config be on a separate (virtual) device and a hardware flash drive being used only for the license? And i will passthrough that to the vm also. Will it work that way?

And all the configuration which is not necessary for booting is stored on the (encrypted) disks only? Where is for an example the password to login stored? If that is stored on the usb flash drive, an attacker could manipulate it on the flash drive to login with a new password. If it's stored on the (encrypted) disks, how can i login before the disks are unlocked for which to do i would expect that i need to login first?

so in fact it's safe with encrypted disks and typing the key manually on every boot? Even with physical access to the machine no one can break in?

On Ubuntu machines there is a separate boot partition which is unencrypted and is holding the initramfs which is having the dropbear application to unlock the luks partition. What is the operating system under unraid? What Data is stored on the usb? Can someone with physical access, access everything without knowing the password? For an example where are the encryption keys saved for the encrypted disks?

Hi guys, is it possible to encrypt the flash drive? I would like to do it by using dropbear, which let u type the passphrase via a small ssh server preboot.