Perhaps a good time to mention I have several raspberry pis I could add to the mix.
ryokimball
joined 2 years ago
I just got a NAS and downloaded all my GOG and Humble games into it. Didn't even occur to me that something like this existed. I'm going to have to give it a try soon, since it sounds like Linux through Wine is supported.
Sometimes all you need is a good heart.
This has been on my mind, I have yet to do it but the implementation seems trivial.
You can use typical luks full disk encryption with a password. Luks actually has five password slots. Passwords do not have to be actual text, they can be a file or even part of a file.
So my idea is, buy some really cheap, low profile USB flash drives and store some seemingly innocuous data like cat pictures or public domain books, IDK and it doesn't matter what the actual data is. Use full disk encryption and set a regular password, then add a second password that is a file or part of a file that lives on the flash drives, and have it set up to look for that file on boot as an option for unlocking.
Now the disc is fully encrypted but will boot/reboot without interruption as long as the flash drive is installed. You can remove the flash drive when you're feeling paranoid, or even better only install it when you are going to be away for a while. If you leave with the machine having the flash drive but are feeling worried, you can remote into the machine and edit / delete the file or just clear the key slot from Luks.
That's what's been on my mind, anyway. I think the typical suggestion/solution is to just use drop bear and remotely unlock using that, or don't use full disk encryption and selectively encrypt your data instead (partitions or userspace encryption).
I'm not going to proofread this so I hope it makes sense