Approaches for Linux server disk encryption

What are the approaches available for fully encrypting a disk on a remote server (say, colocated in a datacenter)? On Windows, we can just turn on BitLocker with a TPM. Then the server can reboot, and attacking either requires taking the machine while live and dumping RAM, or breaking the TPM. On Linux, what's available?

So far, I've found an IBM "blueprint" describing how to store dm-crypt keys in the TPM. Is this the best approach?

http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/topic/liaai/tpm/liaaitpm_pdf.pdf


Solution 1:

To understand the best solution to your issue, you need to clarify what you are trying to achieve. In other words, what's your threat model? Who is your attacker? You mention that to get around the encryption would require 'taking the machine while live' (by which I assume you mean hacking it), but that is the most likely scenario for a colocated server. Disk encryption is mainly of use in the case of physical theft.

You also need to consider what data you are protecting. You mention 'fully encrypting a disk', but does this require encrypting e.g. /usr? If you're running a standard distribution there is nothing of interest there. Without knowing more about what the server will contain, it's hard to make a recommendation.

But to give a more concrete suggestion, consider the following hypothetical server. It contains the following:

  • A simple website showing some products
  • A basic CRUD order application written in Rails/Django/whatever
  • A Postgres DB for customer information and orders

Of those components, only the database really needs protecting, so here's how I'd approach this:

  • Leave most of the machine un-encrypted (but make as much of the FS read-only as possible)
  • Create a separate partition for the database and encrypt it with a strong password using any of the available Linux encryption systems (ecryptfs, etc).
  • After each reboot, log in and mount the partition with the key, which is stored elsewhere.
  • On a reboot have the server alert me

You mention TPM, but TPM doesn't help you in a number of cases, such as if an attacker gains administration privileges. TrueCrypt have rejected support for TPM for this reason.
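
The manual-unlock setup described in this answer needs two checks on every boot: an alert that the machine restarted, and a guard that keeps the database from starting on the unencrypted root filesystem while the volume is still locked. The script below is an added example, not part of the original answer; it assumes dm-crypt/LUKS as the encryption layer, and the mapping name `pgdata_crypt`, the mount point `/var/lib/postgresql` and `logger` as the alert channel are hypothetical choices.

```shell
#!/bin/sh
# Added example: boot-time guard for a manually unlocked database volume.
# Assumed names (not from the original answer): mapping "pgdata_crypt",
# mount point /var/lib/postgresql, dm-crypt/LUKS as the encryption layer.
MAPPER_DEV="${MAPPER_DEV:-/dev/mapper/pgdata_crypt}"
MOUNT_POINT="${MOUNT_POINT:-/var/lib/postgresql}"

# volume_state [MOUNTS_FILE] prints one of:
#   unlocked  - mount point is backed by the expected dm-crypt mapping
#   plaintext - another device is mounted there (data would land unencrypted)
#   locked    - nothing mounted; the operator has not unlocked it since boot
volume_state() {
    awk -v mp="$MOUNT_POINT" -v dev="$MAPPER_DEV" '
        $2 == mp { src = $1 }            # last match wins (topmost mount)
        END {
            if (src == "")       print "locked"
            else if (src == dev) print "unlocked"
            else                 print "plaintext"
        }' "${1:-/proc/mounts}"
}

# may_start_db [MOUNTS_FILE]: succeeds only when the encrypted volume is in
# place, so the database never initialises an empty data directory in the clear.
may_start_db() {
    [ "$(volume_state "${1:-}")" = "unlocked" ]
}

# boot_alert [MOUNTS_FILE]: one-line message for the alert channel in use.
boot_alert() {
    state=$(volume_state "${1:-}")
    case "$state" in
        unlocked)  action="none" ;;
        locked)    action="log in, unlock and mount the volume, start the database" ;;
        plaintext) action="investigate unexpected device on the data mount point" ;;
    esac
    printf 'host=%s event=boot volume=%s action="%s"\n' "$(uname -n)" "$state" "$action"
}

# --boot: run once at startup to send the alert; --check: database pre-start test.
case "${1:-}" in
    --boot)  boot_alert | logger -t disk-guard ;;
    --check) may_start_db ;;
esac
```

Run with `--check` as a pre-start condition of the database service, so a reboot leaves the database stopped until someone has logged in and unlocked the volume.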

Solution 2:

You can also use TPM with dm-crypt:
https://github.com/shpedoikal/tpm-luks
http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#2._Setup

If integrated on the initrd ramdisk, a small-footprint SSH server allows remotely entering the password to unlock the drive.

Please note that none of the above-mentioned solutions adequately protects from a skilled attacker with physical access to the server.