encrypted black box on server?

[blublob]

I need to know if this is even possible.

I have gotten family members to use RetroShare to share files with each other, and also to keep multiple copies for backups, but in general our internet-speeds are appalling.

This made me think of renting a server with a 10 gbit line, and 2tb of space, and run it as our 'main node'.

The issue is just how do I actually completely secure the data.

My main idea is to run retroshare via xpra on the server, but I do not want the server company to ever actually be able to access our data, and this made me think of black boxes.

Is it possible to create an encrypted 'container' on the server that keeps the files and retroshare inside it, and the only way to access the data is via retroshare, or manually input the encryption keys?

 

example:

server (ubuntu)    ->    encrypted container (retroshare, data files)    ->    internet

 

What I have out so far involves using luks and setting up an encrypted block device, but the drawback is the encryption keys are stored in memory while the server is online, so anyone could potentially access the files while the server was running. I want it like a black box that exists on the server, and the only communication in and out of it goes via retroshare, and to be able to read what is inside it requires an input of the encryption key.

[Rainman_34]

What if your server is running an OS and you use veracript.  Then family members login to the server access the OS then open the veracript container input the password and store files there.

[blublob]

1 hour ago, mojo0243 said:

What if your server is running an OS and you use veracript.  Then family members login to the server access the OS then open the veracript container input the password and store files there.

It was complicated enough to get them started with RetroShare ;)

Besides they will probably just leave the container mounted after using it, and write down the 50+ passphrase in plain text somewhere...