Outside of the classic “type a password” or “have the keys locally”, Network Bound Disk Encryption (NBDE) is what the business world uses for this (but it’s not cheap and/or simple to self host). On one side you have commercial vendors who will sell you a solution, such as Vormetric, and on the other side you have the open source world trying to leverage open code.
Outside of the classic “type a password” or “have the keys locally”, Network Bound Disk Encryption (NBDE) is what the business world uses for this (but it’s not cheap and/or simple to self host). On one side you have commercial vendors who will sell you a solution, such as Vormetric, and on the other side you have the open source world trying to leverage open code.
Red Hat has a good article to read as an NBDE primer as it outlines the concepts as well as implementing their solution/method using open software: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/security_and_compliance/network-bound-disk-encryption-nbde