Unlocking local storage at boot

posted 1 year ago

I’m trying to build a headless server that has sensitive data on it and needs full disk encryption. I want it protected from physical theft and as far as I can brainstorm, that means at boot, the storage has to be unlocked manually. I know I can do this with remote access through remote console IPMI board but was wondering if I’ve just missed a way to solve this problem without using extra hardware. Have any of you homelabbers dealt with this problem set without using IPMI cards?

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments

[ - ]

roiki11@alien.topB

1 point

1 year ago

Depends what you want to do, there are a few alternatives for luks. TPM, nbde server, dropbear-ssh, usb key, yubikey.

You can use any combination of the above with password being a fallback.

permalink

report

[ - ]

rotten777@alien.topOPB

1 point

1 year ago

dropbear-ssh is what I’m looking for. thanks!

permalink

report

parent

Homelab

!homelab@selfhosted.forum

Create post

Rules

Be Civil.
Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
No memes or potato images.
We love detailed homelab builds, especially network diagrams!
Report any posts that you feel should be brought to our attention.
Please no shitposting or blogspam.
No Referral Linking.
Keep piracy discussion off of this community

Community stats

9
Monthly active users
1.4K
Posts
6K
Comments

Rules

Community stats

Community moderators