I need to deploy a Rails application to client's on-premises server and I want to prevent the viewing and modification of source code.
Client has physical and root access to the server.
How can I create a encrypted linux container(VM) that nobody(even root) has access to and requires a username/password to access files.
Any suggestions?
Client has physical and root access to the server.
Then you can't do anything to stop them reading your data, they have the tools to snapshot disks/memory etc and can analyse them. You may be able to slow them down by using whatever virtualisation technology the host provides to create a Linux VM and encrypt it's disks with LUKS. Note though that your proposed idea will require that you be 'present' to unlock the disks each time the VM is booted.I can't see that ending well.
