Nostr Web Client

it's really easy when you remember that you can either partition the disk with the rescue tools or use files as the disk volume backing (most VPSs already have a swap set up this way). keeping the secret in separate, client only non-internet-reachable locations and writing simple SSH scripts that connect as root and run the volume mount is simple.

Mynymbox - Privacy friendly hosting solutions 4mo ago

There is still a huge security issue. Any provider can dump the memory of the VPS node and extract the decryption key. But for that the VPS node must be online and the key must be in the memory.

To avoid this you should use VPS providers which use AMD EPYC because then it is possible. to encrypt the memory without any chance to extract data. Its called SME (Secure Memory Encryption). Not all providers have activated it. On our Netherlands location it is activated.

Reply to this note

Please Login to reply.

Discussion

Freedom Tech Co. 4mo ago

This sounds great. What is the best way to contact you?

Mynymbox - Privacy friendly hosting solutions 4mo ago

We have Signal (mynymbox.10), SimpleX or sales@mynymbox.net

https://smp14.simplex.im/a#-hQO2deuaQsGEIQ3p2HF9SH_3Xn4Kck-S9Yh7lZIOe4