Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Securing / lockdown unraid and a VM with xen

Featured Replies

I would like to physically move my unraid box to a rather insecure location. I also would like to virtualize unraid (probably with xen) as I will need to deploy some secure data to another VM running Ubuntu.  Two things, how can I lockdown unraid, (l'm assuming I will need to disable telnet) and secondly how can I protect the Ubuntu VM , encrypted lvm?

Thought?

Define "rather insecure location". IF this is physically insecure as in someone can reboot the box if they like then you have a big job in front of you (i.e. basically impossible).

physical access means root access!

  • Author

When I say, "rather insecure location", I just mean it's out of hands and in an area where I cannot guarantee someone would not tamper with it, the likelihood is extremely low however. And you're right Owel, I guess physical access means root.

 

I think my bigger question is I'd like secure the data on the VM, not so much the files on unRAID. My first instinct was to read up on encrypted filesystems (I heard of LUKS) and possible configure a VM to use it. As I never used an encrypted filesystem, I just don't know.

 

At the physically location, how difficult would it be if someone got root on the unRAID host and got access to the guest VM disk files and attempted to hack the linux VM running an encrypted filesystem. Without the key, would this still be possible?

My first instinct was to read up on encrypted filesystems (I heard of LUKS) and possible configure a VM to use it.

 

Ding, ding. We have a winner!

seriously your requirements are mutually exclusive.

 

"secure data" in a "rather insecure location" cannot work

 

If the right people can get to your running box they will be able to get your data period. everything you do will merely serve as a hurdle not a barrier.

 

Consider carefully if you mean what you say with regards to secure and insecure.

 

 

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.