Secure your data the native Linux way!
Just published a step-by-step guide to building a LUKS2 encrypted container on Debian 13 — with both CLI & a handy tray GUI.

https://reycdxyc24gf7jrnwutzdn3smmweizedy7uojsa7ols6sflwu25ijoyd.onion/2025/09/14/encrypted-container/

https://0ut3r.space/2025/09/14/encrypted-container/

#Linux #Debian #Encryption #LUKS #dmcrypt #CyberSecurity #Privacy #OpenSource #Tutorial #HowTo

PS: This fancy social media post was generated by AI. Because my posts are always boring, sad, and stale. xD

Frage an die datenschützenden SysAdmins und angewandten IT-Sicherheitsforschenden unter euch:

Bietet #Festplattenverschlüsselung in einem angemieteten #VPS auf #KVM-Basis einen wirkungsvollen #Datenschutz?

Dieser Text hat mich verunsichert: https://lowendbox.com/blog/how-private-is-your-hosted-data-really-even-that-encrypted-stuff/

Turns out, #LVM #RAID-1 with #dmintegrity over two separate physical disks and then putting a #dmcrypt device on top of the RAID is really slow. As in, it's estimating to take a week to do the initial sync on the two 12TB WD Red drives on SATA. (For comparison, zeroing out one of these disks should take 8 hours or something.)

Apparently it's a somewhat-known problem with dm-integrity, related to its journal.

How would you build something bitrot-safe & encrypted with that hardware? #Debian 12.

Is there a good way to have a #Linux server reboot unattended when the root partition is dm_crypt encrypted? I'm not super worried about bad guys being physically present. More just worried that a power outage might initiate a reboot while I am not present.

Is including the key file in the initramfs (correct terminology?) that horrible a thing if physical access to the machine is not a concern?

Thoughts or advice?