I'm considering to use an encrypted file system (dm-crypt or gocryptfs) in a linux system hosted by Linode. Can the administrators of Linode access the mounted (i.e., decrypted) contents? I'm not sure which technology they use to provide a virtual system. But anyway I've installed Arch linux and have a full control on the system. I think they cannot modify the kernel and system softwares provided by Arch. So I think that as long as they don't know my root password, it's very hard to read the mounted contents. Is that true?
Asked
Active
Viewed 167 times
1 Answers
0
If it is a virtual machine provided by Linode, they can access the decrypted contents.
Linode controls the host OS of the VM, and the host can access all memory of the VMs. Therefore the host can extract the encryption key from VM memory, and use that to access the disk contents.
What is hard is a relative judgement, but Linode would have to go through some effort if they want to read your disk data.
Tero Kilkanen
- 36,796
- 3
- 41
- 63