On 02/22/2011 11:37 PM, Bill Davidsen wrote: > Any thoughts on remote mounting a filesystem securely? Clearly I could just > export it and count on the encryption in the WiFi and the VPN to protect the > data, but that leaves it mounted in clear on the server. I looked at putting the > data in a file mounted with cryptoloop on the client, which works, or creating a > loop device and then having that be a LUKS device. I haven't tried that last > one, but my notes say I did create a local loop/LUKS device for a demo, so I > suppose it could happen. > > Is there some simple and common additional method I've missed? tunneling over ssh or some other encrypted tunnel (with openssl) the NFS or CIFS communication... the encrypted part is useful only for offline (lack of key) denial of data reading .. or you could export an encrypted block device thru iscsi (or nbd) and mount and decrypt on initiator.. HTH, Adrian
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
