1

I was reading this question: Where do you store your personal private GPG key?

I have my setup as noted in this comment: Where do you store your personal private GPG key?

But instead of using a cloud provider I use my own self-hosted, cloud-like syncing service.

I notice some downsides right away:

  • my keys are still only as good as my password protecting my key container
  • the uptime and service guarantee of my sync is only as good as I can provide it (no high-availability for example, as of right now. But it hasn't failed me (yet)).

But the major question I'm asking myself, since reading that everyone seems to be putting their keys in some form (QR code, container, encrypted, split in various parts, etc.) on some cloud provider:

Should I be using a cloud provider or my own self-hosted service?

Benefits are clear for self-hosted:

  • Only indirect access by anyone vs cloud provider might be able to access my files without problems
  • My own little server somewhere on the web is less likely to be focus-targeted by malicious actions than a cloud provider

The downsides are:

  • My self-hosted might certainly lag behind on updates from time to time (like when I'm busy with a hard week at work and I'm lagging on installing potentially important security updates)
  • I cannot provide the same activity-/request-/any monitoring as a large provider can to notice when malicious actions happen and take action

So what do you say? Put my key-store on a cloud provider (some AWS, Google Drive, OneDrive, Host it in a private github, etc.)? Or keep it on my self-hosted?

Patrick Mevzek
Worp

2 Answers

0

Unsure whether or not it is relevant, but IMHO the most secure server for an internet-based threat is an offline server.

If it is possible for your use case, I would keep the syncing service offline most of the time to reduce the possible attack times, and then put it online only when I would need to sync something, if possible after ensuring that all security patches have been applied. An alternative way would be to only use a limited access private network, but this is often a dead end way.

Serge Ballesta
  • Limiting the online time is a good suggestion. Hadn't thought of that. Could you elaborate on the dead end? Having it online in a VPN all the time and connecting to the VPN when sync is needed might be a good idea, or am I wrong? – Worp Mar 19 '20 at 12:54
  • When I spoke of *private network* I was thinking of a direct access on a LAN which is not always easy from a tablet or smartphone. – Serge Ballesta Mar 19 '20 at 22:04
  • Ah. Understood. It could, however, be on my home network and available on wifi, which would at least limit it to attack vectors inside my home network. And since all my devices do eventually connect to my home network at least a couple times a week, everything would be reasonably synced. I'd have to carry the chance of data loss when on a trip and devices holding changes break before they can sync. And devices would not sync between each other while on the trip. – Worp Mar 20 '20 at 09:15
0

> Only indirect access by anyone vs cloud provider might be able to access my files without problems.

Self-hosted is great when you have good administration skills, keep track of changes, have standard processes in place, and can recreate all the environment in case of disaster. Otherwise it is good when installed, and a headache after a couple of months. Especially when a private key is part of it.

Accessing your files without problems isn't guaranteed. You may delete the wrong server. Your VPS can die because of the provider (happened to me). Or someone may compromise the server and steal/encrypt/delete your files. So unless you spend considerable time managing your own solution, long term access to your files may not be possible.

> My own little server somewhere on the web is less likely to be focus-targeted by malicious actions than a cloud provider

It won't make a difference. Bot scanners don't care if your server is on Amazon, Azure, or your own home IP. Some bots are optimized to scan servers running on large providers, but you can be sure that a lot of bots don't care where you are, they just scan the whole IPv4 space and attack anything that they can find.

> So what do you say? Put my key-store on a cloud provider (some AWS, Google Drive, OneDrive, Host it in a private github, etc.)? Or keep it on my self-hosted?

It depends on how much you are willing to spend protecting the key. If the key is worth enough, a dedicated secure environment will be the best choice. But a choice that will be more expensive than running a VPS on Amazon.

There are special services around that manage the keys for you. They cost way more than the average VPS (or even dedicated server), but their business is secure management of private keys.

In the end, it's a risk management decision. You have to calculate the probability of losing/compromising the key, the financial damage it would cause, and the cost you are willing to pay to overcome this risk.

ThoriumBR