Sanity Check Setup - eviltoast

Just making sure I’m not missing something obvious:

Self-hosted Linux VM with protonVPN and QBitorrent installed on it.

QBittorrent networking bound only to ProtonVPN’s virtual interface with killswitch and secure core enabled.

Auto updates enabled and a scripted alert system if ProtonVPN dies. Obviously everything with very secure unique passwords.

Is this a safe setup to run 24/7 to torrent and seed with?

Are there any significant risks I’m missing? Thanks, fellow sea salts!

  • omalaul@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    What about file encryption? How do you store your new files?

    • escapesamsara@discuss.online
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      FDE is for physical attackers, it would have nothing to do with torrenting unless you’re really intending on pissing off every single criminal legal authority and not just worried about civil suits from copyright holders.

      • Fedora@lemmy.haigner.me
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Nah. If you piss off the executive branch in your country, then they can more likely than not force you to hand over the decryption key. Plausible deniability doesn’t exist when an encrypted drive of likely illegal content chills there in your room.

    • Appoxo@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Why would you need file encryption?
      Not like having a drive full of movies is illegal…Except if OP has CSAM stuff inside. Than it should be very encrypted in case of loosing (or not depending if OP wants jail time).

      • spez@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        21
        ·
        edit-2
        1 year ago

        Except if OP has CSAM stuff inside. Than it should be very encrypted

        then OP SHOULD go to jail.

        • Appoxo@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Not like I don’t agree. Those vile people should.
          But something like that or actually confidential stuff you don’t want others to see is a valid reason to encrypt it.

          • Lettuce eat lettuce@lemmy.mlOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Holy shit yeah lol. Obviously nothing like that! I was confused as well why anything other than the generic Linux full disk encryption would be needed.

            This would be in a server closet, so not on drives that I would be transporting copyrighted media into other countries anyways.

      • _TK@lemmy.antemeridiem.xyz
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        file or disk encryption is only for protecting against attackers with physical access to the machine your VM is running on. Getting files from your server to local storage you should still use a secure connection and encrypted traffic to prevent ISP snooping, but going extreme on file encryption isn’t necessary unless you’re downloading actual heinous shit (CSAM) in which case you should go to jail.