VPS providers, do you encrypt disks behind your kvm servers?
Hello all,
I've read a sad little story regarding Scaleway: they lost an SSD that was sold on "Leboncoin", a Craigslist-like website. A YouTuber found it and tried to find some contents; he identified the name of Scaleway. Scaleway did a communication about it. With a friend we are talking about responsibilities and how this could be handled, so we have a question.
As a VPS provider, you probably host or rent some dedicated. Do you encrypt disks on the host side? Can this encryption prevent a stolen disk from revealing its data? If you don't do that, can you tell me if you have the choice or if it's not possible?
I understand that as a customer it's my responsibility to encrypt my data, even if my provider does it for me.
Thanks a lot for your feedback and information, I'm really curious now ^^.
Comments
We use self-encrypting SSDs; if you lose the password you can trashcan them.
Oracle Cloud always encrypted their disks, as well as iSCSI connection between compute VM and storage.
User has some control over the encryption key, but the encryption key is stored somewhere in Oracle Cloud, so that it wouldn't help if the whole cloud infrastructure is compromised.
Not a provider but all my KVMs have LUKS encrypted root partitions. Doesn't prevent the provider from yoinking the encryption key from memory when running but it does protect data-at-rest as in cases like this.
Elsewhere Windscribe VPN weren't using disk encryption on some of their servers.
Source: https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/
My guess would be that the encryption key is stored securely in a TPM somewhere. Most large providers store encryption keys in some way that makes them very very difficult to exfiltrate.
I believe it can slow read/write speeds, and some providers choose to leave them unencrypted to prevent it.
It's definitely slower than regular speeds, but it shouldn't be too slow if the CPU supports AES-NI. Most CPUs in use today should support it.
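Two points from the comments above (LUKS protecting data at rest inside a KVM guest, and AES-NI keeping the overhead tolerable) can be checked from inside a Linux guest. The following is an added example, not part of any post in this thread; the function names and the sample `lsblk` output are constructed for illustration, and it assumes mount points without spaces.

```shell
#!/bin/sh
# Added example: audit a Linux guest for AES-NI and for filesystems that are
# mounted straight from a raw partition or disk (no dm-crypt layer in between).

# has_aes FILE: succeed if the CPU flags line in FILE lists "aes"
# (x86 "flags" line, or the ARM "Features" line).
has_aes() {
    grep -E -m1 '^(flags|Features)' "$1" | tr ' \t' '\n\n' | grep -qx 'aes'
}

# plaintext_mounts: read `lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT` output on
# stdin and print "NAME MOUNTPOINT" for every mounted device of TYPE part or
# disk. Devices of TYPE crypt are LUKS mappings and are not reported; LVM
# volumes are not classified here because their parent is not in these columns.
plaintext_mounts() {
    awk '{
        name = type = mnt = ""
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            gsub(/"/, "", kv[2])
            if (kv[1] == "NAME") name = kv[2]
            if (kv[1] == "TYPE") type = kv[2]
            if (kv[1] == "MOUNTPOINT") mnt = kv[2]
        }
        if (mnt != "" && (type == "part" || type == "disk")) print name, mnt
    }'
}

# Constructed sample: LUKS root on vda2, separate unencrypted /boot on vda1.
sample_lsblk() {
    cat <<'EOF'
NAME="vda" TYPE="disk" FSTYPE="" MOUNTPOINT=""
NAME="vda1" TYPE="part" FSTYPE="ext4" MOUNTPOINT="/boot"
NAME="vda2" TYPE="part" FSTYPE="crypto_LUKS" MOUNTPOINT=""
NAME="vda2_crypt" TYPE="crypt" FSTYPE="ext4" MOUNTPOINT="/"
EOF
}

if [ -r /proc/cpuinfo ] && has_aes /proc/cpuinfo; then
    echo "AES instructions available"
else
    echo "no AES flag found: expect a larger dm-crypt overhead"
fi
echo "Mounted without an encryption layer (sample data):"
sample_lsblk | plaintext_mounts
```

On a real guest, replace `sample_lsblk` with `lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT`. An unencrypted `/boot` is normal for a LUKS root setup; anything else in the list holds data readable from a lost or resold disk.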
I'm curious about @Francisco and @seriesn and @VirMach and @MikeA and @MikePT and @ViridWeb and @dustinc answers as well, as they are known and experienced providers here also ^^.
(You are indeed. )
There are no plurals.
Also see my sig.
No, if a user wants to they can do their own cryptoluks. It's a performance hit that the majority of our users wouldn't care for.
We do zero out user data at cancellation time though.
Francisco
We do not encrypt data. We thought about it for the new hardware we're doing but decided against it there too. We did set something up with SolusVM where at some point after cancellation the LVM is nuked to some degree in a write-intensive operation. I don't remember the details very well, it was set up a while ago, I didn't handle it personally, and I am not sure how well it works, but from my understanding this would result in the data actually being physically overwritten versus pretend deleted.
We initially enabled this to deal with a SolusVM bug that otherwise appeared. I'm paraphrasing very hard on this... I think SolusVM basically would think that the data is still written and/or thought the LVM didn't create properly.
Data may still linger in the form of a disaster recovery backup.
Always encrypt your drive. KVM or DEDI. Doesn't matter. It is only your responsibility as the customer, not the provider.
For those who encrypt their disks, how do you handle entering the decryption password without manual intervention? I'm OK if it's for 1 disk, but I cannot imagine doing it at scale.
...that's the point, you should always be doing it manually.
Francisco
No we don't do that by default.
No big cloud provider encodes the disks, except for customers who explicitly request such a service, mostly for dedicated servers (or VMs with dedicated storage).
It's also nonsense when using distributed storage!! The disk of each VM is actually the sum of many chunks on different disks in different storage - without the metadata table the disks are not readable.
We use for cloud :
Hi @o_be_one -- by default, no - though I have noticed some customers choose to install their own OS from ISO and/or encrypt it themselves after the VPS is provisioned.
Additionally, upon decommissioning any drive physically from production should we ever need to, we do securely wipe/zero out the drive(s). For our bare metal/dedicated servers, should a customer ever consolidate or cancel one - we use dban before repurposing it for another end-user.
Encouraging assurances from some of the providers.
Disk encryption is great, we just don't use it for our shared/reseller hosting servers. There's always a way to get in. Granted, it's a preventive way to avoid that.
For the companies we provide NOC Services / Ticket Support to, I don't know exactly how many VPS/Dedicated Customers encrypt their disks, but I'd say it's pretty rare to be honest.
No? Pay for a managed service and request it.
Encrypting the disks still causes a performance hit, but of course customers can encrypt their disk on VPS and/or during server (re-)installation.
We use encrypted connections between data centers, e.g. for migrations and backups etc., and of course we securely erase disks.