this post was submitted on 11 Feb 2025
45 points (97.9% liked)

Selfhosted


Hi all,

Working through some things like a Will (I am fine, just normal life planning), and debating on methods for digital management when I do die.

I run a lot of self-hosted services for family and friends, all on secured servers with ZFS and on/off site backups. Key ingredient is Vaultwarden for password management.

I'd like to put something in place so that encryption keys, some docs, and key passwords are released to a tech savvy friend. Anyone know of existing solutions for this?

Requirements of:

  • Not providing keys to a third-party beforehand
  • Not forgeable to open
  • If possible, no "weekly press a button"

I'm thinking some kind of key pair where my friend has the private key and the public key is provided to a family member, and when activated a timer starts where I could cancel the release.

[–] Lemmchen@feddit.org 9 points 17 hours ago* (last edited 17 hours ago) (1 children)

I've thought about this myself during a phase of less than perfect health. I think a somewhat practical solution is to have all passwords and documentation on how to use them/access the services that require them in an (online) password manager (so it stays current). Then have a USB stick with encrypted login credentials and OTP backup deposited at a notary and hand out the decryption key to a few trustworthy friends and family members.
This way nobody can access your stuff and the notary can make sure to hand out the USB stick only to the one person you specified in your will. The other friends and family members are there as backup in case your "special" friend has lost the decryption key in the meantime.

The alternative to an online pw manager would be a local one that you synchronize to your friends and only the notary has the key to unlock the database, which they only hand out according to your will.

I'd love to hear about other solutions though. Maybe there's a better option.

P.S.: There are tools to have more redundancy on USB sticks and so on, so that bit flips/degradation can be accommodated. Multiple redundant data carriers are an option as well.

[–] fmstrat@lemmy.nowsci.com 1 points 5 hours ago

Yea this is a similar idea to what I'm considering. Thanks!