[sf-lug] VPS question: accessible by root user on physical host?

[Rick Moen]

Quoting Jason Turner (jturner at nonzerosums.org):

> And I wonder, how much more "private" is such a service?  
> Say, like the one(s) hosted by Linode.com?  Linux/XEN setup. 

Linode, Inc. doesn't have shell of any sort on your virthost.  Their
getting it or equivalent wouldn't be difficult but would commit various
business torts and also ruinous to their reputation if it were ever
proved.

Of course, in theory they could monitor traffic in and out of the
virthost, and do traffic analysis of even encrypted traffic.  But,
honestly, under most scenarios they lack motivation other than to metre
your resource consumption and make sure your virthost isn't being a bad
boy towards the nearby LAN.

> Finally, the subject question, would my VPS be accessible by any user 
> not explicitly setup in my environment? 

Nope.

Again, they _could_.  That's not the point, really.

If you want physical security, you either have to trust someone per
contractual relations (SAVVIS, HE, Community Colo, whatever) or keep the
gear behind your own locked door and guard that door.

You don't have 100% confidence that even SAVVIS isn't breaking into your
colo cabinet and rooting your machine, neh?  ;->  The reason we tend to
think they don't do it is that it would undermine their business model.