keks24
commented
3 years ago Hi X,
Have you seen anyone do that on their /boot partition?
I have not seen anyone, yet, who did that. I actually never thought about it, since I have no need for that.
Do you think it's feasible? Seems it's possible! I'll investigate.
This seems to be a tunneled SSH connection through the tor network, so it should work and be secure enough.
Although, it is a fancy thing to increase privacy, I will not implement this in the guide, since this is off-topic. The guide actually should be as basic as possible and focus on encrypting the root partition of the Raspbian stock image.
-Ramon
xanoni
Hey Keks,
Now that people are leaving their homes again, I realized that it would be super cool if the Dropbear was behind a Tor hidden service. Have you seen anyone do that on their /boot partition? Do you think it's feasible?
It sounds unintuitive, but despite the higher latency, Tor as an inbound connection into my network has generally been more reliable / lower maintenance than convincing a clearnet router to forward certain ports. Stuff always breaks at the wrong time.
Thanks, sir! X
EDIT: Oh nice, I searxed another time and finally saw this: https://nixos.wiki/wiki/Remote_LUKS_Unlocking
Seems it's possible! I'll investigate.