Security

5010 readers

1 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

[email protected]

How do you manage your different encrypted files/storages? (lemmy.cat)

submitted 11 months ago by [email protected] to c/[email protected]

1 comments fedilink hide all child comments

I'm curious to know how people manage their different encrypted storage here. And I'm talking about the case where you really need to manage SEVERAL encrypted storages/files.

What software do you use? Where do you save your passwords (password manager/paper/other) or do you use physical keys?

In short, what's the best combination you've found or recommend to cover as many attack surfaces as possible: remote, local, physical, etc.?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 11 months ago

Nice try, FBI.

I usually use LUKS2 and a password manager with a keyfile (on the LUKS encrypted partition). The passwords for them are in my head.

Remote LUKS systems are set up with dropbear in the initramfs so I can enter passwords without being present or having access to IPMI. After a few tries the system nukes the LUKS header and I have to manually recover it from backup.

I also have an emergency password DB without a keyfile, where the password is the beginning of a chapter of a readily available book. I won't tell you which book or which chapter though 😃