Set up your private VPN independently while connecting to a less secure network.
Set up your private VPN independently while connecting to a less secure network.
You're concerned about data security when connecting to Linode. Setting up a secure VPN inside an insecure network can still work, but it depends on how you handle encryption and configuration. A secure VPN doesn't necessarily need a fully trusted network to function—it focuses on protecting your traffic regardless of the source. Just ensure strong encryption protocols are in place and that your setup minimizes exposure.
Usually you configure the VPN through methods like SSH or HTTPS, which are tough to intercept and break. A determined hacker would need strong motivation to try this. It also relies heavily on your specific security expectations. Most online activity now uses HTTPS, making it difficult to monitor or alter over a weak network.
I focus only on broad points that might not really catch your attention or are already familiar. This might not be helpful—do you need a secure network? Probably not, but it adds complexity. You could set up end-to-end encryption tunnels and treat the whole network as untrusted. You’d need to establish a safe zone inside the unsafe area that remains protected before connecting to another secure spot. It seems you want this Linode server to serve as your primary secure point. Maintaining its security would be the main challenge, since it operates within an insecure environment and can’t rely on it.
I don't agree; one key reason people use a VPN is to connect securely on an unsafe network. It also relies on how concerned you are about the network's safety and what you're trying to conceal. A paid VPN tends to be more affordable compared to alternatives like Linode.
The feeling I had was that sensitive information must pass through vulnerable networks. Such data is easily copied or intercepted, but unless the encryption is weak it remains useless. Removing encryption exposes it to risk, especially if the Linode server’s security is breached. Simply using a VPN in an insecure environment isn’t sufficient since the VPN itself could be compromised. Even screenshots could reveal the keys, rendering encryption irrelevant. Strong encryption makes decryption extremely difficult. If the system has weaknesses, you’re out of luck. Secure storage shouldn’t rely solely on Linode; it needs robust protection that resists future attacks. Any open port poses a threat down the line. I remember someone in the 90s who built secure systems in isolated bunkers, crafting OS and compilers from scratch to ensure no mistakes were made. These setups would be airgapped except for a monitored connection.
Public key encryption is possible I guess. There has to be only one connection and that connection is always only encrypted. Well I suppose you could have more than one but they would all have to be encrypted. No untrusted unencrypted data in, no unencrypted data out. Untrusted data can still be encrypted. The issue is keeping the stuff coming in clean. I don’t know how that is done these days. You would need to send stuff in encrypted, deencrypt it inside the clean space, and use it. You wouldn’t be able to send an unencrypted key. There is public key encryption. It’s complicated and uses a lot of data. The concept is well known though and much better explained lots of different places. I suggest googling public key encryption explanation, or some such for how that all works. There is also the concept of blockchain which is newer than me. I never learned how that worked. I understand banks have more or less dropped public key in preference to blockchain.
They offer a reliable VPN solution using public/private key pairs for encryption. Your own key is downloaded securely via HTTPS, ensuring safe transfer. It doesn’t require complex setup and uses minimal bandwidth. The main goal isn’t to make everything encrypted all the time—SSL/TLS 1.3 provides strong protection. Even if some traffic remains unencrypted, it stays secure until it reaches the VPN endpoint. At that stage, the provider’s team can still monitor it, but you’re shifting the risk to a less likely point in the chain.
Your setup will use either an encrypted connection through their web control panel or SSH, both of which rely on secure transmission methods. It’s a bit less protected than a VPN since it depends on keeping your credentials secret. Unless you have physical access to the data center to create and retrieve your private key (which would be excessive caution), this is the standard approach.
This might stem from my unclear grasp of Linode's specifics. I thought it was a physical device with a Linux setup and restricted ports. If Linode is a remote service, that could cause issues. A VPN is also a service focused on keyed encryption, fitting this description. Without hardware you own or manage fully, it seems challenging to implement independently. A subpoena, for instance, would still access everything. This aligns with the concept of a VPN. Using a VPN service to handle your encryption tunnel instead of building it yourself brings the service into play.