6
1
I was reviewing the different alternatives I have (like ext4 encryption) but I think all of them are vulnerable for root to just enter into my home account and see what's stored in there, which is something really easy to do when someone gets ahold of the computer.
I'm looking for a way to make my files unaccesible, even for root, even if someone takes on the bare metal. I'm willing to risk losing my data if I forget the key, that's not an issue, it's actually desirable.
Is it possible to mount that file automatically on startup? So, my service could be running even if the machine is rebooted. – almosnow – 2016-03-11T19:00:23.933
1Then the file is always decrypted, so it is not the solution you seek for, or I am missing something? – mstruebing – 2016-03-11T20:32:21.317
Yeah, it wouldn't work for my scenario. Is there a way to "lock up" a Linux deployment in a way that no one else can access into it? – almosnow – 2016-03-11T21:11:33.287