min

joined 1 year ago
[–] min@lemmy.sdf.org 1 points 1 month ago

Do note, because it's using email, the recipient and sender are not private, along with the time, and probably the relative size of the messages.

The specific content of each message should be private as long as the encryption is done well. I haven't looked at it so I don't know if it implemnts safeguards to verify who you're messaging with (besides using the email address) and I don't know if it uses PFS (Perfect Forward Secrecy) to protect against a key getting compromised.

[–] min@lemmy.sdf.org 3 points 1 month ago (2 children)

https://github.com/rsmsctr/vaultwardenGuide

It doesn't cover backups though. It uses Caddy instead of NGINX, and it uses DuckDNS to point a subdomain to your private IP address of your Vaultwarden server, so it will only be accessible in your LAN.

[–] min@lemmy.sdf.org 8 points 2 months ago (1 children)

I've been researching zero-trust for my homelab recently and I'm considering OpenZiti instead of Cloudflare since I think it can all be self-hosted. The BrowZer from OpenZiti is especially interesting to me. The fact that I'm behind CGNAT is a hurdle though.

[–] min@lemmy.sdf.org 7 points 7 months ago

Something that always bothered me about that episode.