[CentOS] Encrypted container on CentOS VPS

Mon Feb 24 09:41:53 UTC 2020
Pete Biggs <pete at biggs.org.uk>

> 
> What is a "loop way"? I googled it together with Linux and file and
> did not find anything.

The proper term is "loopback filesystem".


>  Is this simply like a separate file that is LUKS-encrypted and I
> would then mount it for remote access?

Yes, it's a filesystem in a file that you mount with '-o loop'.

>  If so, what would prevent the hosting company - which I presume is
> the root user - from also accessing it?

You provide the decryption password when you mount it.  Once the
filesystem is mounted anyone with the appropriate permissions can read
it.  You can reduce the opportunity of someone accessing it by only
mounting it when you need it and unmounting it as soon as possible.

TBH, if you don't trust the root user of a system, then there's not
much you can do - there are just so many ways a privileged user can get
access to things, both "legitimately" because of their absolute access
or "covertly" using trojans and so on that you would never know about.
If you have legitimate concerns about the hosting company, then find a
different one. 

P.