How to go about partition encryption on remote server?

postcd · March 23, 2014, 1:00pm

Hi,

im having an linux webserver located in another country and i have just SSH access.

My aim is to protect (by encryption) /home partition on which are located website files and mysql database data.

So i found "LUKS" SW which can encrypt partition, but the thing i dont understand is how not to cause failures when apps like apache, mysql cals files from /home while its still encrypted after server boot, and how im able to enter decryption password duriong boot over SSH? What is the process, any tutorial, or you have better idea on webserver disk encryption? thx :o

DGPickett · March 25, 2014, 4:55pm

I suppose you might have a monitoring app on another server that detects when the web server is trying to start or restart, and does an https call to set the password. However, as it is in continuous use, it can be read from the vm pages in memory or on swap. Just what sort of attack are you worried about: stolen physical media, hacker invasion with root, ???

markjoseph · April 22, 2014, 12:46am

You will have to connect the app to detect the actions of the server, this will help in detecting the activity done.

Wordpress website builder