If i have vps on some remote provider, operator like amazon or aruba etc, and on ubuntu there, i have directory encrypted but mounted as decrypted, for example through encfs. (Boot, login to shell, mount with password, logoff and leave running). And this mounted folder,directory is shared to me through nginx or ftp server so i have access to it remotely without needing to decrypt. But since it is decrypted on this remote vps, and key is in vps machine memory, how can i protect it if vps company, aruba or amazon employee would like to sniff into it?
SnapOverflow
There's no technological way for you to ensure no-one having physical access to the server can't access your data, as he would posses both the encrypted data and the key. You have to trust your service provider on this. If the service provider as a company is not trustworthy, don't give your data to them, encrypted or not!
For individual employees the could companies have strict policies, background checks and audit methods. A company this big can't afford losing the customer trust. For example Amazon describes this in their AWS Security Whitepaper, chapter AWS Access:
If you have something so sensitive that this isn't enough, only store this data by yourself. (And if it's tin foil hat level sensitive, don't have this machine on the Internet, either.)
On the other hand, this really terrifies me:
If you really use FTP or plain HTTP traffic, your data is revealed to anyone between the AWS cloud and you. This is something you actually should be worried about!