I am setting up a personal Proxmox server. I would like some protection against physical threats. Because I am relatively inexperienced with Proxmox and server administration in general, and because Proxmox seems not to have official support for (or decent documentation of) encryption, I would like to use an approach that is as uncomplicated, and well supported by Proxmox as possible. Ideally I'd like something that--once configured--doesn't complicate or change Proxmox administration, backups, or recovery.
My primary goal is to protect data-at-rest, secondary goal is to prevent tampering with the OS and/or bootloader/early boot process. My ideal solution is one that doesn't break anything in Proxmox, doesn't require diverging significantly from a typical unencrypted install, and doesn't change the workflow/system administration (most importantly it shouldn't make backup/restore excessively complicated). Bonus points if the TPM can be used for unlocking, or if that is not practical some other form of passwordless or remote authentication.
My setup--if it matters--will be a single node, mirrored nvmes for boot and probably VM/CT storage, and an additional ssd for auxiliary storage. It is probable that I will eventually add a Proxmox Backup Server for backups, and mildly possible that I might someday want to add a second Proxmox node.
Options I've identified so far:
My primary goal is to protect data-at-rest, secondary goal is to prevent tampering with the OS and/or bootloader/early boot process. My ideal solution is one that doesn't break anything in Proxmox, doesn't require diverging significantly from a typical unencrypted install, and doesn't change the workflow/system administration (most importantly it shouldn't make backup/restore excessively complicated). Bonus points if the TPM can be used for unlocking, or if that is not practical some other form of passwordless or remote authentication.
My setup--if it matters--will be a single node, mirrored nvmes for boot and probably VM/CT storage, and an additional ssd for auxiliary storage. It is probable that I will eventually add a Proxmox Backup Server for backups, and mildly possible that I might someday want to add a second Proxmox node.
Options I've identified so far:
- Use ZFS Native Encryption (for example)
- Use LUKS, with ZFS inside LUKS
- Use "self encrypting drives" (e.g. the TCG Opal spec that most modern drives support)
- Give up on encrypting the host/proxmox, and instead encrypt the guest OSes individually (or place all VMs/CTs on a separate encrypted drive)
- Give up on encryption altogether and instead focus on some other form of physical security/access prevention.
- Something else?
