Flip your device sideways for a better viewing experience!

ArchBox: Ryo

A NAS device with physical and digital security features, running Arch Linux, named after the japanese word for 'excellency'

Encryption and Keyfiles

Ryo uses keyfiles for both of it's encryption methods. The physical side uses a USB storage device with a keyfile, while the digital side uses a SSH keyfile and custom configuration file.

Physical

In order for Ryo to boot up, it needs to have a 2048 bit keyfile stored on a USB device plugged into it. If this 'key' is removed while the computer is on, a custom service script will turn the computer off within 30 seconds of the key being removed.

Digital

Ryo only allows connection to it's SSH service on a self-hosted access point, that doesn't broadcast it's SSID and has a WPA2 password. It also requires an SSH keyfile and custom port knocking program on the connection computer.

VPN Tunneling and Firewalls

Ryo uses UFW and Openvpn, along with systemd services, to automatically connect to a VPN and enable a killswitch, so that all traffic routed to the computer will come through the VPN connection.

Click the buttons to be directed to more information!

Web App Hosting

A varienty of webapps have been configured and installed on Ryo. Jellyfin hosts audiobooks and podcasts, Lanraragi hosts books and comics, and Netdata provides logging and remote resource monitoring.

This website, and project described within, was written by Noah Lessard. Check out his github here!