Encrypt Your Servers
MCLD 2012 | Sun 09 Aug 10:45 a.m.–11:30 a.m.
Presented by
-
Romeo Solano
https://punkto.org
Romeo is a professional Linux user who struggles writing an autobiography. Some of his work, which speaks for itself, can be found online at punkto.org.
He cares deeply about securing personal infrastructure from state-level adversaries. Everyone deserves for their personal computing and their infrastructure to keep their information safe from prying eyes.
Romeo works professionally as a sysadmin for a bioinformatics research firm managing their infrastructure systems. In his free time, he works unprofessionally building systems for himself, family, and friends for fun. He winds up running things like a personal media server for his fiancé and a password manager for his grandmother.
Romeo likes to seek the silliest ways to solve problems, instead of the most sensible or cost-effective ways. This drive towards whimsy has brought him into technical situations that software developers and documentation writers never imagined. It has forced him to dive deep into the inner workings of various tools, a dive that has only been possible due to the Free nature of the software.
Romeo Solano
https://punkto.org
Romeo is a professional Linux user who struggles writing an autobiography. Some of his work, which speaks for itself, can be found online at punkto.org.
He cares deeply about securing personal infrastructure from state-level adversaries. Everyone deserves for their personal computing and their infrastructure to keep their information safe from prying eyes.
Romeo works professionally as a sysadmin for a bioinformatics research firm managing their infrastructure systems. In his free time, he works unprofessionally building systems for himself, family, and friends for fun. He winds up running things like a personal media server for his fiancé and a password manager for his grandmother.
Romeo likes to seek the silliest ways to solve problems, instead of the most sensible or cost-effective ways. This drive towards whimsy has brought him into technical situations that software developers and documentation writers never imagined. It has forced him to dive deep into the inner workings of various tools, a dive that has only been possible due to the Free nature of the software.
Abstract
Encrypting the data stored on the disks of your server systems is a valuable tool that helps protect yourself and your users. This protects you from power-hungry privacy-hating governments and corrupt service providers, and it simplifies the e-cycling process. Say goodbye to DBAN and hello to LUKS.
This talk will cover both how to set up your encrypted server and how to encrypt some of the data on an existing unencrypted system. You will learn how to automate decryption unsafely and safely, and how to recover from reboots without needing physical access to your machine.
We'll talk about the overhead of software encryption and some of the trade-offs made.
The examples used in this presentation will be for Ubuntu Server, but they should be portable to any distro of your choice.
A full writeup can be found on punkto.org.
Encrypting the data stored on the disks of your server systems is a valuable tool that helps protect yourself and your users. This protects you from power-hungry privacy-hating governments and corrupt service providers, and it simplifies the e-cycling process. Say goodbye to DBAN and hello to LUKS.
This talk will cover both how to set up your encrypted server and how to encrypt some of the data on an existing unencrypted system. You will learn how to automate decryption unsafely and safely, and how to recover from reboots without needing physical access to your machine.
We'll talk about the overhead of software encryption and some of the trade-offs made.
The examples used in this presentation will be for Ubuntu Server, but they should be portable to any distro of your choice.
A full writeup can be found on punkto.org.