33
Anyone use Clevis + Tang to protect data on their home server? (www.youtube.com)
submitted 2 days ago by uuj8za@piefed.social to c/selfhosted@lemmy.world
19 comments fedilink hide all child comments

This is an alternative to manually typing your password to decrypt your home server disks.

The idea is that you have a Tang server somewhere on your local network. When your server boots up, it needs to communicate with the Tang server to unlock the disk. Tang doesn't store the key and is stateless, but the client requires Tang's cooperation to compute the key.

For me, I'm thinking about someone breaking into my house and stealing my computer. Currently, I have LUKS read a keyfile from a USB drive... but I almost always leave it plugged in... so a thief would probably accidentally steal that too.

With this setup, I'm thinking maybe I could setup a Pi on the opposite side of my house, ideally hidden. And then if my home server gets stolen, LUKS wouldn't be able to reach my Tang server, and therefore not unlock anything.

you are viewing a single comment's thread
view the rest of the comments
[-] onlinepersona@programming.dev 1 points 7 hours ago

Is it a special device? How does it send signals for mouse and keyboard? Via some USB protocol? And how is the video transfered?

this post was submitted on 28 Jun 2026
33 points (94.6% liked)

Selfhosted

60253 readers
449 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world