On 2020-08-28 19:43, Grant Taylor wrote:
>
> The only way to get the key is to extract it out of the running VPS's
> memory. Something that I think is beyond the capability of many, but
> definitely not all, people.
>
> ...
>
> As long as STARTTLS is used (and validated) between the MTAs and the VPS
> provider doesn't have a way to get the keys (because they are on an
> encrypted disk), then the contents of the transmission should be fairly
> secure.

I think I see where we're diverging: I'm assuming that the employees of
the VPS provider can hop onto any running system with root privileges.

I suppose you can make that pretty annoying to do. If you're willing to
encrypt everything, then you can even put /boot on the encrypted disk,
unlocking it in (say) grub. The VPS provider can still replace grub with
something that faxes them your password, but it's not totally trivial.
(How are you accessing the console at boot time? Is it using software
from the VPS provider? It's turtles all the way to hell.)