So I was reading this. And it seems pretty good. In my current set up if my server ever just restarts or something I just kind of don’t have it until I get home. Which is no issue because my set up is just local anyway hehe. Still I am thinking of changing my set up to be more of a real server. I don’t really need the encryption, but I have it and feel I should use it out of some principle of the matter.
So what is the workflow that people use if they need to restart or there is a power outage and want the server to turn itself back on, but no one would be around to unlock the LUKS?
I have an initramfs script which knows half decription key and fetches the other half from internet.
My threat model is: I want to be able to dispose safely my drives, and if someone steals my NAS needs to connect it to a similar network of mine (same gateway and subnet) before I delete the second half of the key to get my data.