Securing tinc config files

Guus Sliepen guus at tinc-vpn.org
Sun Jan 24 09:50:39 CET 2016


On Sun, Jan 24, 2016 at 10:01:23AM +0300, Yazeed Fataar wrote:

> I hope this was not asked before. What methods can be used to secure the
> "tinc" config files? If for example using a VPS provider like digital ocean
> , how can one be sure that the local admins dont access your container and
> read the contents of the tinc config files? Is there a better solution ,
> should full drive encryption be used and dedicated servers?

You should consider any VPS compromised from the very start. Even
full-drive encryption on a dedicated server won't help unless you can
somehow make absolutely sure that someone with physical access to the
machine cannot access the encryption key or just log in. That is harder
than it sounds.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160124/fad271eb/attachment.sig>


More information about the tinc mailing list