Hi all,
I can see from searching that a number of times the question of securing either shares or the pool itself has come up, but I can't find any definitive answers on whether it is possible or how to achieve it. This is all about reducing the risk if a thief walks off with the disks.
At the moment, should somebody walk off with my disks they have access to:
- some private ssh keys
- rclone config containing the keys for my encrypted offsite cloud backup
- plex usernames (and passwords?)
- backups of the various people that use my server as a target
- and so on.
I could solve each of those individually, by using VMs that encrypt the boot disk for example, but that means losing the [fantastic] benefit of the rclone plugins and dockers. At which point unRAID simply becomes a storage pool and disk health notifier (although it has my gmail one-time password in it!). I don't actually have any shares other than those used by the docker and VMs.
My server is in the house so entering the crypt key on boot up is perfect for my needs.
How do you all handle this?