I have a database that belongs to a user with InnoDB tables, they want to encrypt the entire database but I don’t want to affect other users’ databases. To be clear - I just want a single database encrypted, while the others will remain unencrypted.
Can Virtualmin let a user encrypt their database? If so, how? If not, how can I do it, if it’s possible?
I’m fairly certain that the server just serves individual databases so one should not affect another. I’d read the MariaDB docs very carefully. Not that it is very encouraging.
It’s technically possible, but probably not worth it. If someone gets physical access to your disk, they’ll likely be able to grab the AES keys too. Plus, Virtualmin backups can already be protected with encryption keys. If it were up to me, I’d skip it.
If you decide to go this route, take a look at the MariaDB encryption documentation—it covers the details you’ll need:
Hey Lejon! Virtualmin doesn’t support per-database encryption, but you can use MariaDB’s data-at-rest encryption—enable it for just that user’s database using custom config.
