There are the shared folders that are supposed to solve this problem, but for security reasons I can’t install anything into dom0, nor use the clipboard.
At first I thought about creating a source_(disposable)_VM_with_a_mounted_veracrypt_container-NetVM_transmission_server-target_VMs connection. I mean to create something like an interface to connect the folders of a source VM and target VMs with a filesystem client.
But sometimes I need the internet connection as well.
But secondly, I thought there is a simpler solution using the qvm-move-to-vm command.
I was thinking about writing a script that does the following steps:
- Source and target VMs create public and private keys
- Mount a veracrypt container into source VM
- Files from this container are encrypted with the public key of the target VM in order to be sent to that VM
- The target system decrypts the files with the private keys
- Same process as steps 3 and 4 if we want to commit changes
But space usage is an issue.
I’m actually looking for something like a TPM, but as a VM: a VM that exclusively stores the private keys and performs encryption/decryption operations on the fly on command.
Any ideas or security issues?
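
The key-generation, encrypt and decrypt steps listed in the post, as an added example that is not the poster's script. It assumes `openssl` and `tar` exist in both VMs; the function names, the file names and the source-side signature over the bundle are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post); names and layout are assumptions.
set -eu

# Run once in each VM. Only vm.pub is ever copied to the other VM.
vm_keygen() {  # $1 = key directory
    mkdir -p "$1" && chmod 700 "$1"
    ( umask 077
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 \
          -out "$1/vm.key" 2>/dev/null )
    openssl pkey -in "$1/vm.key" -pubout -out "$1/vm.pub"
}

# Source VM: $1 = directory in the mounted container, $2 = target's vm.pub,
# $3 = source's vm.key, $4 = bundle directory to create.
seal_dir() {
    mkdir -p "$4"
    secret=$(openssl rand -hex 32)   # fresh secret for every bundle
    # Stream tar straight into the cipher: no second plaintext copy on disk.
    tar -C "$1" -cf - . | SEAL_SECRET="$secret" openssl enc -aes-256-ctr \
        -pbkdf2 -pass env:SEAL_SECRET -out "$4/data.enc"
    # Wrap the per-bundle secret so only the target's private key recovers it.
    printf '%s' "$secret" | openssl pkeyutl -encrypt -pubin -inkey "$2" \
        -pkeyopt rsa_padding_mode:oaep -out "$4/key.enc"
    # Sign wrapped key + ciphertext so the target can reject tampering.
    cat "$4/key.enc" "$4/data.enc" | openssl dgst -sha256 -sign "$3" \
        -out "$4/bundle.sig"
}

# Target VM: $1 = bundle directory, $2 = target's vm.key,
# $3 = source's vm.pub, $4 = directory to extract into.
open_bundle() {
    # Verify before decrypting or parsing anything that came from another VM.
    cat "$1/key.enc" "$1/data.enc" | openssl dgst -sha256 -verify "$3" \
        -signature "$1/bundle.sig" >/dev/null 2>&1 || return 1
    secret=$(openssl pkeyutl -decrypt -inkey "$2" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/key.enc") || return 1
    mkdir -p "$4"
    SEAL_SECRET="$secret" openssl enc -d -aes-256-ctr -pbkdf2 \
        -pass env:SEAL_SECRET -in "$1/data.enc" | tar -C "$4" -xf -
}

# In the source VM the bundle directory would then be handed over with the
# command the post mentions:  qvm-move-to-vm <target-vm> <bundle-dir>
```

Because the archive is streamed into the cipher, the source VM only needs room for the ciphertext bundle, not for an extra plaintext copy.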