
Show HN: Encrypt your home-lab server disks using AWS Key Management Service - randomv
https://github.com/randomvariable/kms-cryptsetup.git
======
wjd2030
Sometimes I read about projects like this and just think to myself "Your
scientists were so preoccupied with whether or not they could, they didn’t
stop to think if they should."

------
TheDong
Threat-model wise, this seems no different from storing the decryption secret
on disk (wherever the access/secret keys are stored in this setup), with one
exception: remotely-revokable keys.

That is a nice property and a pretty cool way to achieve it.

~~~
randomv
There are a few different revocation options:

* `grant-computer` creates a KMS grant as per http://docs.aws.amazon.com/kms/latest/developerguide/grants.html. `revoke-computer` removes the grant without touching the keys.

* The AWS access keys for the IAM user the tool uses, which can be rotated, revoked, recreated, etc...

* The per-disk encryption key, which can be deleted from DynamoDB

* The KMS CMK, which can be deleted, disabled, etc...

I mainly wanted to solve having to plug in a keyboard and type something in,
or having a key on a USB stick and being diligent enough to take it out of the
home.

~~~
justinjlynn
Once secret data, especially potentially valuable but small data, is shared
beyond one's own control, never assume it can be or has been deleted. In fact,
one should probably assume the opposite. Has it been saved? Probably not, but
it could easily be. Carefully evaluate your threat model, the risk might be
small enough to be acceptable, but always exercise great care in saying "but
it can be/has been forgotten".

------
advisedwang
My understanding is the machine needs AWS credentials to use this. So instead
of managing disk encryption keys, you have to manage AWS credentials instead.
Can somebody correct me if this is wrong?

If this is the case, then this is really only useful for managing multiple
disks and giving some remote control.

~~~
Kamshak
Quite nice since you can very easily manage AWS credentials and get stuff like
2FA. Encryption keys might be a bit trickier.

------
mlosapio
Because that’s exactly what I want to do - give my home encryption keys to
Amazon.

~~~
aruggirello
Yep, and the keys could be renewed or revoked remotely. What could go wrong?

------
click170
This is really cool and reminds me a bit of Mandos which does full disk
encryption on headless servers using a network host.

The Readme didn't mention, can this be configured to SMS me when an encryption
key is handed out?

~~~
QuinnyPig
You can have an SNS topic configured to message you on a key creation event
via Lambda worst case. We’re talking maybe seven lines of code here.
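
The notification idea from the reply above, written out as an added example (not part of the original comment and not code from the kms-cryptsetup project): a Lambda handler that turns a CloudTrail record for a KMS call into an SNS message, and also reports denied calls, which is what a revoked machine would generate. Assumptions: the record arrives in the `detail` field of an EventBridge event (the rule wiring is not shown), the topic ARN is a placeholder, and the watched API names are a guess at what matters, since the thread does not say which KMS calls the tool makes.

```python
# Added example: alert on KMS activity for the disk key, including denied calls.
WATCHED = {"Decrypt", "GenerateDataKey", "CreateGrant"}  # assumed set of interest
TOPIC_ARN = "arn:aws:sns:us-east-1:111111111111:disk-key-alerts"  # placeholder


def summarize(record):
    """Return an alert line for a watched KMS CloudTrail record, else None."""
    if record.get("eventSource") != "kms.amazonaws.com":
        return None
    if record.get("eventName") not in WATCHED:
        return None
    who = record.get("userIdentity", {}).get("arn", "unknown principal")
    # A failed call (for example after a grant was revoked) carries errorCode;
    # that case is worth an alert, so it is reported rather than dropped.
    error = record.get("errorCode")
    outcome = "DENIED (%s)" % error if error else "ok"
    return "%s %s by %s from %s: %s" % (
        record.get("eventTime", "?"), record["eventName"], who,
        record.get("sourceIPAddress", "?"), outcome)


def handler(event, context=None, publish=None):
    """Lambda entry point. `event` is an EventBridge envelope whose `detail`
    holds the CloudTrail record; `publish` is injectable for offline runs."""
    message = summarize(event.get("detail", {}))
    if message is None:
        return None
    if publish is None:
        import boto3  # available in the Lambda runtime
        publish = boto3.client("sns").publish
    publish(TopicArn=TOPIC_ARN, Subject="KMS disk key activity", Message=message)
    return message


SAMPLE = {  # constructed event, not captured from a real account
    "detail": {
        "eventSource": "kms.amazonaws.com",
        "eventName": "Decrypt",
        "eventTime": "2024-01-01T03:04:05Z",
        "sourceIPAddress": "203.0.113.7",
        "userIdentity": {"arn": "arn:aws:iam::111111111111:user/homelab-disk"},
        "errorCode": "AccessDenied",
    }
}

if __name__ == "__main__":
    print(handler(SAMPLE, publish=lambda **kw: None))
```

An SMS subscription on the SNS topic delivers the message as a text.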

------
mooreds
What happens if you need to decrypt a disk and you are not online? It wasn't
clear to me that you'd have access to your data.

Maybe that is OK, maybe not.

------
Tepix
Bizarre.

------
oconnore
The only confusing thing about this is: you’re cool with AWS but insist on
deploying your own hardware for personal projects!

You can buy a lot of EC2 compute per month before you hit the cost of running
outdated servers on your power bill.

~~~
TheDong
Absolutely not true.

You can buy a 1U server with 2 processors / 24 logical cores and 32 gigs of
RAM off eBay for around $150.

Say what you have is 2x L5640 Xeons (pretty common, again on eBay). You'll be
drawing 80-150W depending on load per cpu. Let's say it's on the upper end and
you draw about 250W.

Average electric costs in the US are 12c/kwh. That means those cores will cost
around $20/month.

In reality, other things draw power, but your average usage will be lower, so
$20/month for 32GB of RAM and 24 kinda crappy cores is about right power wise.

Look at AWS's pricing and tell me I can get anything even approaching that at
such a good price point.

~~~
martin_andrino
Comparing raw hardware with one of the dozens of services offered by AWS is
absurd to say the least, as you’re basically ignoring the whole platform that
enhances “EC2” - of course raw hardware price will always win, but that
doesn’t really mean anything as the comparison isn’t a good one.

~~~
ganoushoreilly
A base problem of "I need fast storage and CPU resources" isn't necessarily
solved in the cloud either. If you're deploying hardware that needs to write
large amounts of data daily and requires high CPU availability, even if AWS
pricing was ok, you're still connectivity bound, which itself is an increased
cost. I can also see this being valuable for MSSPs deploying assets across
client networks and wanting to manage encryption keys in the cloud, vs on
prem.

None of the additional Amazon cloud features are even in play with the above
scenario.

