Adrian Sevcenco wrote: > On 02/22/2011 11:37 PM, Bill Davidsen wrote: >> Any thoughts on remote mounting a filesystem securely? Clearly I could just >> export it and count on the encryption in the WiFi and the VPN to protect the >> data, but that leaves it mounted in clear on the server. I looked at putting the >> data in a file mounted with cryptoloop on the client, which works, or creating a >> loop device and then having that be a LUKS device. I haven't tried that last >> one, but my notes say I did create a local loop/LUKS device for a demo, so I >> suppose it could happen. >> >> Is there some simple and common additional method I've missed? > tunneling over ssh or some other encrypted tunnel (with openssl) the NFS > or CIFS communication... > > the encrypted part is useful only for offline (lack of key) denial of > data reading .. or you could export an encrypted block device thru iscsi > (or nbd) and mount and decrypt on initiator.. > You have the right idea, I want to decrypt on the client, rather than mount on the server, thus the data on the server is just a file full of encrypted data, and not available as clear text there. I was thinking of nbd, certainly a possibility. -- Bill Davidsen <davidsen@xxxxxxx> "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
