I was just talking about this with a friend since people around us seem to be dropping like flies. What happens to our personal servers and home labs when the worst happens?
I personally don’t care who sees what; compared to most I’m sure I’m vanilla af. 🤣 Enjoy my 20 year music collection, alive people? 😜
But it got me thinking: It would be great to have a self-hosted front end or something where on a login screen (maybe at auth level like with Authelia), you had an “emergency” option wherein we could predetermine what to immediately nuke, and what to either move to a shared cloud folder, offload to a local external drive, or just make available like local file hosting; something like that.
Does anything exist like this? If not, what ideas do you folks have in this regard, or what do you currently do? I feel like this could be a really useful service if done correctly.
Most drives nowadays are SED-enabled; you could just set a random password and lock them.
I think the right name for this kind of thing would be dead man switch
You might be interested in https://github.com/ItalyPaleAle/hereditas
It’s a deadman switch that houses your docs/data, encrypted, on a self hosted static website.
what to immediately nuke
This scenario is the one that you have to approach differently than the others. The only way to approach this scenario and be reasonably sure it’ll go the way you want is to have the default state be inaccessible, i.e. everything that you want to be “nuked” has to be already in an encrypted state that only you are able to access. This way, the nuked state is the default state if you aren’t around to grant access.
Yes, we did this in 1985, using state-of-the-art 40-bit encryption. It’s totally safe, because it’s a commercial-grade encryption system.
Did you have a point you were making?
I recently thought about this as well and I will probably code something myself.
Current idea is to give 2 YubiKeys to my wife and my mother. Together they have a pw which can be used to decrypt a gpg backup with all documents and the master pw to my Vaultwarden instance.
Also, take a look at this: https://github.com/potatoqualitee/eol-dr
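One way to realize the "together they have a pw" idea from the comment above, as an added example that is not part of the thread or of any linked project: a random backup passphrase is split into two XOR shares, so neither holder alone learns anything and both shares are required to rebuild it. The function names, the 4-byte check tag and the assumption that the passphrase is random rather than human-chosen are choices made for this example; how the shares are stored (for instance alongside the hardware keys) is left open.

```python
import hashlib
import secrets

TAG_LEN = 4  # bytes of SHA-256 appended to each share to catch typos and mix-ups


def _tag(secret: bytes) -> bytes:
    # Short check value. Safe to attach only because the secret is high-entropy
    # random data; do not use this with a human-chosen password.
    return hashlib.sha256(b"share-check" + secret).digest()[:TAG_LEN]


def split_secret(secret: bytes) -> tuple[str, str]:
    """Split `secret` into two hex shares (2-of-2). Each share body alone is
    uniformly random and reveals nothing about the secret."""
    pad = secrets.token_bytes(len(secret))                  # share 1: one-time pad
    masked = bytes(s ^ p for s, p in zip(secret, pad))      # share 2: secret XOR pad
    tag = _tag(secret)
    return (pad + tag).hex(), (masked + tag).hex()


def combine_shares(share_a: str, share_b: str) -> bytes:
    """Rebuild the secret from both shares; raise ValueError on a bad pair."""
    a, b = bytes.fromhex(share_a.strip()), bytes.fromhex(share_b.strip())
    if len(a) != len(b) or len(a) <= TAG_LEN:
        raise ValueError("shares have different or invalid lengths")
    secret = bytes(x ^ y for x, y in zip(a[:-TAG_LEN], b[:-TAG_LEN]))
    tags_agree = secrets.compare_digest(a[-TAG_LEN:], b[-TAG_LEN:])
    if not (tags_agree and secrets.compare_digest(a[-TAG_LEN:], _tag(secret))):
        raise ValueError("shares do not belong together or were mistyped")
    return secret


def new_backup_passphrase() -> tuple[str, str, str]:
    """Return (passphrase_hex, share_1, share_2) for a fresh 256-bit secret."""
    secret = secrets.token_bytes(32)
    share_1, share_2 = split_secret(secret)
    return secret.hex(), share_1, share_2


if __name__ == "__main__":
    passphrase, s1, s2 = new_backup_passphrase()
    print("use as backup passphrase:", passphrase)
    print("share for holder 1:", s1)
    print("share for holder 2:", s2)
    assert combine_shares(s1, s2).hex() == passphrase
```

The hex passphrase is what would protect the encrypted backup; after the shares are handed out, the combined value should not be kept anywhere in the clear.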
Vaultwarden can send a link to a person of your choosing with all your passwords if you do not log in within a certain amount of time. This is key… Mortgage, banks, wifi, email, utilities, credit cards… This list goes on.
Had a friend pass and his wife could not cancel some things without a death certificate, even then she had a hard time.
I misunderstood this feature. For some reason the way it was worded, I thought it was more of an “I’m about to die, let me establish this other user with access to my vault”
This sounds great, thank you for this gem of a tip