this post was submitted on 11 Feb 2025
45 points (97.9% liked)

Selfhosted

42057 readers
506 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
45
Digital management post-life (lemmy.nowsci.com)
submitted 16 hours ago by fmstrat@lemmy.nowsci.com to c/selfhosted@lemmy.world
19 comments fedilink hide all child comments
 

Hi all,

Working through some things like a Will (I am fine, just normal life planning), and debating on methods for digital management when I do die.

I run a lot of self-hosted services for family and friends, all on secured servers with ZFS and on/off site backups. Key ingredient is Vaultwarden for password management.

I'd like to put something in place so that encryption keys, some docs, and key passwords are released to a tech savvy friend. Anyone know of existing solutions for this?

Requirements of:

  • Not providing keys to a third-party beforehand
  • Not forgeable to open
  • If possible, no "weekly press a button"

I'm thinking some kind of key pair where my friend has the private key and the public key is provided to a family member, and when activated a timer starts where I could cancel the release.

you are viewing a single comment's thread
view the rest of the comments
[–] fmstrat@lemmy.nowsci.com 3 points 4 hours ago (1 children)

Great idea. My poor mans version idea was an encrypted data set inside another encrypted data set to require two people, but Shamir's seems like a much better option.

[–] hendrik@palaver.p3x.de 2 points 4 hours ago* (last edited 4 hours ago)

I'm still a bit split on this. And whether the complexity and reliability is good enough for the use case... I mean if you don't need N-out-of-M, but it's just two people: cut a password or key in half. Same if it's N-out-of-N people, you just need to make some puzzle pieces and hand them out, we don't really need encryption and fancy maths for that. But I guess encrypting something would work, too. Just use a program or algorithm that's likely still around when it's going to be used. And you can always add a sheet of paper or PDF with instructions. Maybe save the executable file to to decrypt it somewhere if the solution requires software.