[vbezhenar]

I’ve found out that my VPS hoster mounts disk of my VM when I power it off and writes some config changes (which broke network because their scripts were buggy). That creeped me out, so I decided to encrypt my disks. So encryption is useful even for better stability in uncontrolled environments.

[Fnoord]

> VPS hoster

> so I decided to encrypt my disks

Where is the data encrypted? Local or remote? If its done remotely, whoever owns the hardware and has root on the host OS has your private key. Even with rented servers, where you are root, the KVM is king.

[vbezhenar]

It is encrypted remotely using LUKS, but I have to enter password manually when machine is booting (via web VNC). Of course I understand that determined attacker from hoster side could sniff that password, but, as I said, that's more about preventing automatic scripts to mount my disks rather than trying to hide something.