[SOLVED] Questions regarding encryption

K

kpwn

New Member
Jun 8, 2021
18
0
1
30
Hi,
i got 2 questions to properly secure my data. The setup is one server running PVE an another server running PBS. All on premise. The VMs are stored on thin-provisioned LVMs that are encrypted using LUKS. The key is stored on a hardware token. I am really happy with that. Works great and offers high level of security against our main concern which is simple theft. If something gets stolen the disks cant be encrypted since the token requires a key and bricks itself after 3 failed attempts. The disk with proxmox itself on it is not encrypted.
  1. I enababled the backup encryption through the gui. It worked and created 2 files for each datastore of the PBS. one *.enc file and one *.pw file. According to the manual the *.enc file needs to be kept safe. I used the paperkey function and will keep the printout safe. However, the file is still on the PVE server (/etc/pve/priv/storage/<STORAGE-ID>). Can i safely shred it or is it required? What about the *.pw file?
  2. The feature to encrypt backups is done client side. The main purpose is usage with possibly untrusted PBS. I can trust my PBS so i do not require encryption for that reason. I need encryption incase the Disks or the entire PBS gets stolen. Can i somehow use a LUKS container or LVM OR thin-provisioned LVM as a datastore for PBS? If that is possible i can protect the data with the same method i use for PVE. I would prefer that as this solution is already working fine.
Thanks for all your help in advance.
 
re 1, the enc file is requried as it contains the key to encrypt the backup. without it, you can't create new encrypted backups, and you can't decrypt the existing backups
the .pw file contains the password for the pbs, without that the PBS can't be accessed anymore

re 2, sure, you can setup an encrypted partition/..., create a FS there, and add it as a datastore.
 
kpwn said:
Hi,
i got 2 questions to properly secure my data. The setup is one server running PVE an another server running PBS. All on premise. The VMs are stored on thin-provisioned LVMs that are encrypted using LUKS. The key is stored on a hardware token. I am really happy with that. Works great and offers high level of security against our main concern which is simple theft. If something gets stolen the disks cant be encrypted since the token requires a key and bricks itself after 3 failed attempts. The disk with proxmox itself on it is not encrypted.
  1. I enababled the backup encryption through the gui. It worked and created 2 files for each datastore of the PBS. one *.enc file and one *.pw file. According to the manual the *.enc file needs to be kept safe. I used the paperkey function and will keep the printout safe. However, the file is still on the PVE server (/etc/pve/priv/storage/<STORAGE-ID>). Can i safely shred it or is it required? What about the *.pw file?
  2. The feature to encrypt backups is done client side. The main purpose is usage with possibly untrusted PBS. I can trust my PBS so i do not require encryption for that reason. I need encryption incase the Disks or the entire PBS gets stolen. Can i somehow use a LUKS container or LVM OR thin-provisioned LVM as a datastore for PBS? If that is possible i can protect the data with the same method i use for PVE. I would prefer that as this solution is already working fine.
Thanks for all your help in advance.
Click to expand...
Could you share more detail on how you created this setup?

Particularly around how you integrated VMs with LUKS + a hardware token and it being bricked after 3 failed attempts?

As this could be useful for securing VMs which are backed up into the cloud (being at best only semi trustworthy)
 
TheDragon said:
As this could be useful for securing VMs which are backed up into the cloud (being at best only semi trustworthy)
Click to expand...
You can encrypt your backups clientside when using PBS using the built-in encryption feature. And PBS itself can do everything (except single-file-restores) without needing to know the encryption key. So PBS is great if you don't want to trust the hoster that is hosting your PBS.
 
  • Like
Reactions: TheDragon
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom