February 25, 201412 yr I would like to physically move my unraid box to a rather insecure location. I also would like to virtualize unraid (probably with xen) as I will need to deploy some secure data to another VM running Ubuntu. Two things, how can I lockdown unraid, (l'm assuming I will need to disable telnet) and secondly how can I protect the Ubuntu VM , encrypted lvm? Thought?
February 25, 201412 yr Define "rather insecure location". IF this is physically insecure as in someone can reboot the box if they like then you have a big job in front of you (i.e. basically impossible).
February 25, 201412 yr Author When I say, "rather insecure location", I just mean it's out of hands and in an area where I cannot guarantee someone would not tamper with it, the likelihood is extremely low however. And you're right Owel, I guess physical access means root. I think my bigger question is I'd like secure the data on the VM, not so much the files on unRAID. My first instinct was to read up on encrypted filesystems (I heard of LUKS) and possible configure a VM to use it. As I never used an encrypted filesystem, I just don't know. At the physically location, how difficult would it be if someone got root on the unRAID host and got access to the guest VM disk files and attempted to hack the linux VM running an encrypted filesystem. Without the key, would this still be possible?
February 25, 201412 yr My first instinct was to read up on encrypted filesystems (I heard of LUKS) and possible configure a VM to use it. Ding, ding. We have a winner!
February 25, 201412 yr seriously your requirements are mutually exclusive. "secure data" in a "rather insecure location" cannot work If the right people can get to your running box they will be able to get your data period. everything you do will merely serve as a hurdle not a barrier. Consider carefully if you mean what you say with regards to secure and insecure.
Archived
This topic is now archived and is closed to further replies.