
Re: Crypted devices... where open them?



Am Mittwoch, 1. Juli 2020, 13:32:49 CEST schrieb J. Roeleveld:
> If the domU is not owned by the same person as who owns dom0, then the
> decryption should be handled in the domU as dom0 should not have access to
> the decryption keys.
This is the design of Xen arch.

The DomU superuser is, by principle, logically different from Dom0's.

> If you own both dom0 and domU, you can decide where to use the decryption
> keys.
> In this case, I would decrypt it on the dom0. The reason being:
So if you "own" DomUs and Dom0, you may own the hardware too, so why not
do it in the "storage hardware" (where lots of solutions exist too?)... ß)
#bitjoke

> 1) the dom0 should have less exposure, which means it will be more
> difficult to break into and grab the keys
On the other hand, such a solution "within Xen" would require significantly more
complexity in Xen, which itself would offer more exposure to attackers on
the whole system (even for those who did not use that "feature")...

The elegance of Xen is its simplicity.

I would say: keep it simple and/or "fit your design"...

Or use some crypto solution integrated in the block device solution you
decide to use for DomUs at "device level" and unlock it yourself before
starting any DomUs - transparent to Xen itself. Xen allows scripting of such
stuff. See the /etc/xen/scripts/block-* scripts for instance.

> 2) the data will be accessible anyway as long as the drive is "decrypted",
you probably mean "unlocked"...

> which means as long as the machine is powered, the keys are not really
> needed.
But the same "applies" to DomU.


just my 0.2$


niels.




-- 
 ---
 Niels Dettenbach
 Syndicat IT & Internet
 http://www.syndicat.com
 PGP: https://syndicat.com/pub_key.asc
 ---
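As an added illustration of the "unlock at device level in dom0, transparent to Xen" approach described in the reply above (example code, not from the poster or the Xen project): a small wrapper that reads the 'phy:' disks from a domU config, opens each LUKS container in dom0 with cryptsetup, points the config at the unlocked mapping and then calls `xl create`. It assumes every 'phy:' backing device is a LUKS container and that the config uses the quoted `'phy:/dev/...,xvda,w'` disk form; the `luks-<name>` mapping scheme is this example's own choice.

```bash
#!/bin/bash
# Added example: unlock LUKS-backed block devices in dom0 before `xl create`,
# so the guest only ever sees an already-open plain block device.
# Assumption: each 'phy:' disk in the domU config is a LUKS container.
set -eu

# Print the backing device path of every 'phy:' disk in a domU config file.
phy_disks_from_config() {
    cfg="$1"
    # Take each quoted 'phy:...' entry, drop the prefix, the closing quote
    # and the trailing ",vdev,mode" part of the disk spec.
    grep -o "'phy:[^']*'" "$cfg" | sed -e "s/^'phy://" -e "s/'$//" -e 's/,.*//'
}

# dm-crypt mapping name for a backing device (naming is this example's choice):
# /dev/vg0/domu1-root -> luks-domu1-root
mapping_name() {
    printf 'luks-%s\n' "$(basename "$1")"
}

# Open the container unless its mapping already exists. cryptsetup prompts for
# the passphrase in dom0, so the key never has to be present inside the domU.
unlock_if_needed() {
    dev="$1"
    name="$(mapping_name "$dev")"
    if [ -e "/dev/mapper/$name" ]; then
        echo "already unlocked: $name" >&2
    else
        cryptsetup open "$dev" "$name"
    fi
}

# Unlock every backing device, rewrite the config to use the unlocked mappings
# and start the guest; the original config file is left untouched.
start_domu() {
    cfg="$1"
    tmp="$(mktemp)"
    cp "$cfg" "$tmp"
    for dev in $(phy_disks_from_config "$cfg"); do
        unlock_if_needed "$dev"
        sed -i "s|phy:$dev,|phy:/dev/mapper/$(mapping_name "$dev"),|" "$tmp"
    done
    xl create "$tmp"
    rm -f "$tmp"
}

# Usage: ./start-encrypted-domu.sh /etc/xen/domu1.cfg
if [ $# -eq 1 ]; then
    start_domu "$1"
fi
```

Closing the mappings again after `xl destroy` (cryptsetup close) is left to the operator, since as the reply notes the data stays readable for as long as the device is unlocked.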