On Sun, May 26, 2024 at 08:33:59PM +0100, 04-psyche.tot...@icloud.com wrote:
Hi everyone,
Is there any way to use disk encryption without having physical access to the
device?
You could use a USB keydisk (make sure you, and your assistant on the
remote server, have copious backup(s) of
this!) as an encryption device, as per this document:
https://www.openbsd.org/faq/faq14.html#softraidFDE
Cheers
Ampie
A few potential ideas:
- is there a way to enter the encryption passphrase via ssh?
- is there a way to create a non encrypted partition on the same hard drive,
where the keydisk would be stored, and automatically used? (For various
reasons, an external usb key is not feasible). And yes, I realize this would
weaken the security significantly, but I'd still like to know if it's feasible?
My guess is that it's not possible, but I wanted to ask to make sure.
Cheers,
Jake