How to use a VPS without trusting the provider?

It is recommended that I create my cloud storage (for example Nextcloud) and my mail server (for example Mail-in-a-Box or Mailcow). But all of them store files and mail in plaintext, and the data center or VPS provider (DigitalOcean or any other provider) can read all of my data.
How can I be secure from physical access? Having my own server is not a solution I want.

This is only recommended if you are able to operate your services securely. This includes strong authentication, hardening the server, applying secure configuration, regular patching, regular backups, monitoring and analysis of log files etc.

If the server is physically somewhere else, you have to trust your VPS provider. You can’t ensure physical integrity.

Furthermore, a VPS is just a virtualized server running on a host operating system on a physical server. So using a VPS means that you share a physical server with other virtualized server instances. This can introduce new threats. Your VPS provider must regularly patch the BIOS, host operating system, virtualization software etc. Securing physical access and updating your virtualized operating system isn’t sufficient.

So the best way to ensure that nobody changed your system is using monitoring software and applications that check the integrity of your files. Since the VPS provider can manipulate the host operating system, there can’t be 100% security.

You can use end-to-end encryption. However, most data likely remains unencrypted.

3 Likes
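The file-integrity check described in the reply above, as an added example that is not part of the original thread: a small Go tool (hypothetical binary name baseline-check) that hashes every regular file under the given directories, writes a JSON baseline on its first run, and on later runs reports modified, added and removed files and exits 1 on any difference. The directory names in the usage comment are illustrative.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
)

// Manifest maps a file path to the hex SHA-256 of its contents.
type Manifest map[string]string

// BuildManifest hashes every regular file under roots; symlinks and devices are skipped, not followed.
func BuildManifest(roots ...string) (Manifest, error) {
	m := Manifest{}
	for _, root := range roots {
		err := filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
			if err != nil || !d.Type().IsRegular() {
				return err
			}
			data, err := os.ReadFile(p)
			if err != nil {
				return err
			}
			sum := sha256.Sum256(data)
			m[p] = hex.EncodeToString(sum[:])
			return nil
		})
		if err != nil {
			return nil, err
		}
	}
	return m, nil
}

// Report lists the differences between a trusted baseline and a fresh scan.
type Report struct {
	Modified, Added, Removed []string
}

// Compare diffs baseline against current; each list is sorted for stable output.
func Compare(baseline, current Manifest) Report {
	var r Report
	for p, h := range baseline {
		switch cur, ok := current[p]; {
		case !ok:
			r.Removed = append(r.Removed, p)
		case cur != h:
			r.Modified = append(r.Modified, p)
		}
	}
	for p := range current {
		if _, ok := baseline[p]; !ok {
			r.Added = append(r.Added, p)
		}
	}
	for _, l := range [][]string{r.Modified, r.Added, r.Removed} {
		sort.Strings(l)
	}
	return r
}

// check aborts the CLI on error.
func check(err error) {
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(2)
	}
}

// Usage: baseline-check BASELINE.json /etc /usr/local/bin   (hypothetical name, illustrative dirs)
// First run writes the baseline; later runs verify against it and exit 1 on any difference.
func main() {
	if len(os.Args) < 3 {
		fmt.Fprintln(os.Stderr, "usage: baseline-check BASELINE.json DIR...")
		os.Exit(2)
	}
	current, err := BuildManifest(os.Args[2:]...)
	check(err)
	data, err := os.ReadFile(os.Args[1])
	if os.IsNotExist(err) {
		data, err = json.Marshal(current)
		check(err)
		check(os.WriteFile(os.Args[1], data, 0o600))
		fmt.Println("baseline written to", os.Args[1], "- copy it off this machine")
		return
	}
	check(err)
	var baseline Manifest
	check(json.Unmarshal(data, &baseline))
	r := Compare(baseline, current)
	fmt.Printf("modified: %v\nadded: %v\nremoved: %v\n", r.Modified, r.Added, r.Removed)
	if len(r.Modified)+len(r.Added)+len(r.Removed) > 0 {
		os.Exit(1)
	}
}
```

The "no 100% security" caveat from the reply applies directly to where the baseline lives: keep BASELINE.json, and ideally the checker binary, off the VPS (on your own machine, or on a second host the provider does not control) and compare against that copy. A checker that sits on the same disk it checks can be rewritten along with the files it covers. Hashes under /etc also change legitimately with every package update, so re-baseline right after you patch and review the diff rather than just the exit status.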

Encrypt them like Tutanota does, or use GPG on all of your emails, so they will already be encrypted. As for file uploads, Nextcloud already encrypts them. Or do you want better? Buy your own server (at least a small Raspberry Pi; it will work and won't use a lot of resources).

1 Like

Unfortunately, there’s still no FOSS cloud storage software that provides end-to-end encryption. Nextcloud was supposed to implement it in version 13, but it’s not usable and buggy as hell.

So, at the moment, the most secure solution is to host a cloud storage instance at your home.

1 Like

Seafile has E2EE that works well, but it’s actually not so secure (plus it leaks metadata)

1 Like
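Client-side encryption of the kind the replies above suggest (encrypt before upload, with the metadata caveat from the Seafile remark), as an added example that is not part of the original thread: each object is sealed with AES-256-GCM from Go's standard library under a key that is generated and kept on the client, so the server stores only the blob. SampleMail, Outcome and Demo are constructed for this illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// newAEAD builds an AES-256-GCM instance; GCM gives confidentiality plus integrity.
func newAEAD(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext under a key that never leaves the client.
// Blob layout: 12-byte random nonce || ciphertext || 16-byte authentication tag.
// The server stores the blob and learns only its length, not its contents.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext+tag to nonce, so the nonce travels with the blob.
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt opens a blob produced by Encrypt. Any modification of the stored blob
// (by the provider, or by anyone with disk access) fails authentication.
func Decrypt(key, blob []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("blob too short")
	}
	nonce, ct := blob[:aead.NonceSize()], blob[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

// SampleMail is a constructed message standing in for a file or e-mail to be synced.
const SampleMail = "From: alice@example.org\nSubject: constructed sample\n\nmeet at 10\n"

// Outcome summarises what Demo observed.
type Outcome struct {
	Roundtrip      bool // the client got the original back from the stored blob
	TamperRejected bool // a single flipped bit in the stored blob was rejected
	StoredBytes    int  // what the provider sees: plaintext length + 28 bytes
}

// Demo encrypts SampleMail with a fresh local key, decrypts it, then shows that a
// one-bit change to the stored blob is detected rather than silently decrypted.
func Demo() (Outcome, error) {
	key := make([]byte, 32) // in practice from a local keyring or a KDF over a passphrase; never uploaded
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return Outcome{}, err
	}
	blob, err := Encrypt(key, []byte(SampleMail))
	if err != nil {
		return Outcome{}, err
	}
	got, err := Decrypt(key, blob)
	if err != nil {
		return Outcome{}, err
	}
	tampered := append([]byte(nil), blob...)
	tampered[len(tampered)/2] ^= 0x01 // flip one bit inside the ciphertext body
	_, terr := Decrypt(key, tampered)
	return Outcome{
		Roundtrip:      bytes.Equal(got, []byte(SampleMail)),
		TamperRejected: terr != nil,
		StoredBytes:    len(blob),
	}, nil
}

func main() {
	o, err := Demo()
	fmt.Printf("%+v err=%v\n", o, err)
}
```

What this does and does not hide: the provider cannot read or silently alter the contents, but the blob's length reveals the plaintext length to within the 28-byte overhead, and file names, sizes, timestamps and how often objects change stay visible unless you pad and encrypt those too, which is the metadata leak the Seafile reply points at. A random 12-byte nonce per object is fine at personal scale, but never reuse a nonce with the same key. This is the per-object primitive only; a usable sync client still needs key management on the client side, which is the part Nextcloud-style server-side encryption does not give you.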

Assuming a generic Linux distro, let’s say Ubuntu Server (let’s also assume it is being kept updated), accessible only via SSH with no password, a regular user account with root privileges only, and files and directories read/write only by root; could the VPS provider still be able to read, write and modify the data in one of their instances with this setup?

1 Like

To clarify:
A VPS provider has one to many physical servers. On each physical server, they run their own host operating system (which can’t be seen by VPS users). The host operating system runs software for virtualization (which can’t be seen by VPS users). The virtualization software runs one to many virtual server instances. These instances are the virtual servers you get when you pay for a VPS.

It is basically like running VMs on your local desktop PC. Each VM can’t directly see or influence the host operating system.

Some of the famous CPU vulnerabilities can only be exploited in such shared environments. So if your VPS provider never patches the host operating system and the BIOS of the physical server, then (in theory) one VPS user could exploit such CPU vulnerabilities to access data of other VPS users on the same physical server. This is only possible since VPS users share physical hardware resources like RAM and CPU.

This is likely if your data isn’t encrypted. Even if you enable full-disk encryption, decrypted data is in main memory when in use. Moreover, you can physically access servers via console etc. There, you can directly log in using username and password. So you don’t need any SSH certificates for local access, and you can even log in as root.

2 Likes

SGX is another interesting approach for putting less trust in the hoster.

1 Like