J.Witvliet@xxxxxxxxx wrote: > -----Original Message----- > From: users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:users-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Bill Davidsen > Sent: Tuesday, February 22, 2011 10:38 PM > To: Community support for Fedora users > Subject: Shared encrypted filesystem > > Any thoughts on remote mounting a filesystem securely? Clearly I could just export it and count on the encryption in the WiFi and the VPN to protect the data, but that leaves it mounted in clear on the server. I looked at putting the data in a file mounted with cryptoloop on the client, which works, or creating a loop device and then having that be a LUKS device. I haven't tried that last one, but my notes say I did create a local loop/LUKS device for a demo, so I suppose it could happen. > > Is there some simple and common additional method I've missed? > > The file is "shared" at various locations, but it would work if only one client at a time could access it, writes are rare, even needing access is unusual, but it does happen. > > -----Original Message----- > > Trusting wifi? No way! > Trusting openvpn / ipsec? No problem, if done properly... > Remote mounting over wifi? You better watch your errorcount continuously. Clearly correct. > Copying a file across is one thing, a remote filesystem over an unreliable medium is something else. > > But in general, what are you protecting against who? We are looking at the problem of remote mounting some proprietary data, and I am playing with the idea that if the mount is done on the remote client I gain (a) unencrypted data never flows over the network and (b) the server need not be a trusted server in terms of having the data mounted on the server itself. At the moment it's an exercise, but one with benefits if practical. As for "against who?" the answer is "everyone," the fewer people, systems, and networks with clear data the fewer the possible types of leak. Layered security, making every part as secure as is cost effective. > Storage encryption and network encryption are two completely different fields. > A LUKS-device is only protected as long as it is Unmounted, after mounting it is just another mount-point. > Just so, having the mount on the client means only the client has the clear data, not having the mount on the server makes the target smaller. > Instead of a file, you might consider exporting an (encrypted) logical volume with iscsi, through vpn. > I was wondering about that, or exporting via nbd. At the moment a technology evaluation, some testing will probably be done over the next few months. I'm hoping someone has a really smart idea or better yet some objections to doing it at all. Your comment on the error rate is certainly the kind of thing I like to see, errors can be introduced during testing to see if failure rather than slowdown results. -- Bill Davidsen <davidsen@xxxxxxx> "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
