Unless I am mistaken about how it works, it seems like it is the most secure storage method on the server in regards to a successful hack?
Server wide encryption has the issue if someone gains root access to the machine, they instantly have access to all files (by getting the keyphrase from the config) - but Per User means even if they accessed the SSH root, they still couldn’t actually access any files? (unless the user was logged in at the time)
Are there any draw backs I am missing / features that don’t work with per user keys? Can files still be publicly shared?
Curious why a server wide key is recommended.