Hello all,
I'm familiar with full disk encryption whether that be through TrueCrypt, VeraCrypt or Bitlocker, file containers or full disk encryption. I'm less well versed in how Linux handles encryption but I want to learn.
I have a scenario I would like to pitch to you to see if it is possible to overcome to the problem whilst maintaining good security and relative ease of use:
Let's say I have a remote workshop that I want to install a PC into, I fear the PC could be at risk at being stolen at some point but I care more about the digital data than I do the hardware. So I would like to be able to protect the Browser and its associated logins, WiFi credentials, SSH keys and other data that may be on the computer.
Full disk encryption jumps to mind, however I'm also in a position where I might need to remotely control the system via VNC and perform reboots. So it would be nice to not have the system sat at a password prompt just after POST and inaccessible remotely.
Is there a way in which I can encrypt a home partion (will that be enough?) but I'm still taken to the usual Ubuntu login screen which I can access remotely?
Or is there an approach to full disk encryption, that can allow for or accomidate a one-off reboot where a password isn't required? I'm not aware of such a thing but I wondered if perhaps you had the system in a decrypted state perhaps if there was a mechanism which could be flipped where it could save/stash something during a warm-reboot whereby it might circumvent or decrypt the partition upon request?
How do others implement security and encryption but still manage remote control after rebooting? Thank you for your time and help.
Bookmarks