Comment by logifail
> I don't understand why anyone would use passwordless disk encryption
You want to install and operate a device at a remote site with restricted (or no) VPN access and where you don't trust the local staff?
> I don't understand why anyone would use passwordless disk encryption
You want to install and operate a device at a remote site with restricted (or no) VPN access and where you don't trust the local staff?
I set up a server last year which is at a remote site which is completely air-gapped from the Internet, it's allowed to see one local LAN and that's all. For any kind of admin task someone has to drive to site.
There is precisely zero chance that the relevant IT security goons would allow any kind of remote KVM/LTE connection.
How does this make sense?
Any change the untrusted local staff could make to the server, they could also make to the KVM machine (e.g. turn it into a keylogger).
Now you have the same problem but with a smaller computer.
You cannot turn untrusted systems into trusted systems by adding more untrusted systems.
A remote KVM, i.e TinyPilot will help avoid dealing with lack of trust in local staff. Additionally connection to the KVM can be done over LTE/Cellular if you don't trust the local connection too.