Even if the thief plugs in the server designed to autoboot upon power restoration, the server will not submit attestations on the installed validators. The PIN prevents access to the wallet and the eth2.0 validator signing keys in the event of theft of the server. When combined with a UPS that will issue commanded shutdowns upon a mains power failure, it will remain unlocked so long as standby power is provided to the server by the UPS.Ī PIN will be required whenever the USB key is disconnected from the server or if the server is unplugged from mains power. The key will be configured to remain unlocked when connected to the server during normal operations, reboots, and powered shutdowns. This provides an added layer of security for the home server node operator by placing these files on an AES 256 encrypted USB drive that requires a PIN key to unlock. This guide explains how to configure a Rocket Pool node to store its node wallet, password file, and validator signing keys on an Aegis Secure Key (model 3N or 3NX). See Instructions for Using eCryptfs with Rocket Pool for more details. For this reason, the preferred method is using the Aegis key.
However, issues have been reported when rebooting and having the RP software stack access the \data folder before it has been decrypted on reboot. Note: There is an alternate method using eCryptfs that does not require the purchase of an Aegis Key. Instructions for using an Apricorn Aegis Secure Key with Rocket Pool
0 kommentar(er)
