[plug] encrypting drives on a samba server and backups
Scott Middleton
scott at assuretek.com.au
Wed Oct 28 21:41:33 WST 2009
It mounts as an ordinary partition with the right credentials. So it wont
matter what you use to access it once it is mounted. AFAIK the credentials
can be on a usb key on boot and removed after.
Let me know if this is incorrect.
I only have only used it as purposeful mounted directory for testing on win
and Linux
2009/10/28 Ari <sothisistheinternet at gmail.com>
> Scott Middleton wrote:
>
>> You could also look at truecrypt.
>> http://www.truecrypt.org/
>>
>> It works with windows and linux and has hidden partitions accessible with
>> different authentication.
>>
>>
> I'll have a look, thanks. Is there information there on how to integrate it
> with samba?
>
> 2009/10/28 Ari <sothisistheinternet at gmail.com <mailto:
>> sothisistheinternet at gmail.com>>
>>
>>
>> Phillip Bennett wrote:
>>
>> Ari wrote:
>>
>> Hi all,
>>
>> Okay, I need some guidance here. I've helped a mate get
>> started with
>> linux and he's happy using a FC11 install as a samba
>> server (he wanted a
>> copy of what I had, but with more hard drives for backing
>> up his video
>> editting, documents, etc etc). All is well with that, but
>> after a recent
>> theft he's worried about his files being accessed if the
>> server or the
>> backup drives are stolen. I'm not really sure where to
>> start for
>> encrypting things but still having them available to all
>> his windows
>> PCs. He has 3TB of storage drives (the FC11 install is on
>> a separate
>> small 40GB drive) with the entire drives shared via samba.
>> I've got him
>> using rsync for his backups to his external usb drives. Is
>> it possible
>> to encrypt the samba shared drives and still have samba be
>> able to use
>> them? What about the backups with rsync? I'm reluctant to
>> admit I've
>> never worked with encryption on linux drives before, and I
>> know I really
>> really should have as it's the sort of security measure
>> that I should
>> know about. Help please :-(
>>
>> TIA,
>>
>> Ari
>> _______________________________________________
>> PLUG discussion list: plug at plug.org.au
>> <mailto:plug at plug.org.au>
>>
>> http://www.plug.org.au/mailman/listinfo/plug
>> Committee e-mail: committee at plug.linux.org.au
>> <mailto:committee at plug.linux.org.au>
>>
>>
>>
>>
>>
>> Hi,
>>
>> You could always try out LUKS encryption. It's pretty
>> standard with
>> RedHat and probably fedora - my home box is off right now, so
>> can't
>> check for you.. Basically, you create an encrypted partition
>> that gets
>> opened at boot with a password. You can even dictate the
>> strength of
>> the encryption when you set it up. Once it's opened with the
>> password,
>> it will be seen by the operating system as just another block
>> device
>> that can be formatted as whatever you like (etx2/3, fat32,
>> etc..) so
>> samba would be able to see it and share it as if it was just
>> another
>> filesystem. Once powered off, the encrypted data is inaccessible
>> without the password. We use it here in the Scottish Blood
>> Service for
>> keeping patient data secure on our mobile devices (laptops).
>>
>> Hth,
>> Phil.
>>
>>
>> Thank you Phil, this sounds like it could be just the thing.
>>
>>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
--
Scott Middleton
Managing Director - AssureTek
Email - Scott at assuretek.com.au
Phone - 1300 551 696
Mobile - 0400 212 724
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20091028/dab99364/attachment.html>
More information about the plug
mailing list