[plug] encrypting drives on a samba server and backups

Ari sothisistheinternet at gmail.com
Wed Oct 28 20:16:13 WST 2009 

Scott Middleton wrote:
> You could also look at truecrypt.
> http://www.truecrypt.org/
>
> It works with windows and linux and has hidden partitions accessible 
> with different authentication.
>

I'll have a look, thanks. Is there information there on how to integrate 
it with samba?

> 2009/10/28 Ari <sothisistheinternet at gmail.com 
> <mailto:sothisistheinternet at gmail.com>>
>
>     Phillip Bennett wrote:
>
>         Ari wrote:
>
>             Hi all,
>
>             Okay, I need some guidance here. I've helped a mate get
>             started with
>             linux and he's happy using a FC11 install as a samba
>             server (he wanted a
>             copy of what I had, but with more hard drives for backing
>             up his video
>             editting, documents, etc etc). All is well with that, but
>             after a recent
>             theft he's worried about his files being accessed if the
>             server or the
>             backup drives are stolen. I'm not really sure where to
>             start for
>             encrypting things but still having them available to all
>             his windows
>             PCs. He has 3TB of storage drives (the FC11 install is on
>             a separate
>             small 40GB drive) with the entire drives shared via samba.
>             I've got him
>             using rsync for his backups to his external usb drives. Is
>             it possible
>             to encrypt the samba shared drives and still have samba be
>             able to use
>             them? What about the backups with rsync? I'm reluctant to
>             admit I've
>             never worked with encryption on linux drives before, and I
>             know I really
>             really should have as it's the sort of security measure
>             that I should
>             know about. Help please :-(
>
>             TIA,
>
>             Ari
>             _______________________________________________
>             PLUG discussion list: plug at plug.org.au
>             <mailto:plug at plug.org.au>
>             http://www.plug.org.au/mailman/listinfo/plug
>             Committee e-mail: committee at plug.linux.org.au
>             <mailto:committee at plug.linux.org.au>
>
>
>
>
>         Hi,
>
>         You could always try out LUKS encryption.  It's pretty
>         standard with
>         RedHat and probably fedora - my home box is off right now, so
>         can't
>         check for you..  Basically, you create an encrypted partition
>         that gets
>         opened at boot with a password.  You can even dictate the
>         strength of
>         the encryption when you set it up.  Once it's opened with the
>         password,
>         it will be seen by the operating system as just another block
>         device
>         that can be formatted as whatever you like (etx2/3, fat32,
>         etc..) so
>         samba would be able to see it and share it as if it was just
>         another
>         filesystem.  Once powered off, the encrypted data is inaccessible
>         without the password.  We use it here in the Scottish Blood
>         Service for
>         keeping patient data secure on our mobile devices (laptops).
>
>         Hth,
>         Phil.
>
>
>     Thank you Phil, this sounds like it could be just the thing.
>

More information about the plug mailing list