Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have a script that crond runs each night. The script pulls some sensitive files from an SFTP server and stores them in a folder on the local machine.
I need to encrypt those files on the filesystem. Ideally, I could encrypt the folder they're stored in to require a password whenever the files are accessed. The problem is that then crond wouldn't be able to access the files. Using something like ecryptfs would allow the cron script to mount the encrypted storage by supplying the password, but now the keys to the kingdom are just sitting in a cron shell script.
Is there a good way to approach this? One thought I had was finding a tool that lets cron encrypt the files using a public key, then require a password to decrypt them (silently using the password to access the related private key).
I don't want too much complexity on the decryption side, because I will have relatively non-tech people needing to access those files occasionally.
How granular do you need the encryption to be? Should users be able to access all encrypted files or should they only be able to access specific files? If you do not need it to be very granular and you trust all users on your system, then you could mount an encrypted file system and have cron dump to that mount.
You do not have to have the password for the encrypted file system sitting in the cron script.
Perhaps defining a user account that has write-only privileges (treat the folder like a drop box to that user) to the encrypted volume (no read or execute) and put the password for that user in the cron script, that way if the password from the cron script is compromised they can only add bogus material to the directory and not read or modify existing information? Not sure of the specifics of how to do that, but I'm sure something like that can be done.
I can't trust everyone on the box; only users that know the decryption password. One of the things we're trying to protect against is a rogue root admin having access to sensitive information. I wish I could encrypt the data with one password (so cron could store that password in its script), then decrypt it with a different password...
Again, thanks for the ideas. I'll keep looking for something that works.
You could check out implementing a public/private key encryption scheme (RSA). Give the public key to the cron job, and restrict the private key to only users you trust.
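The public/private key approach suggested above, sketched with the `openssl` command line as an added example (not code from any poster in this thread). The function names and the `.enc` / `.key.enc` file layout are assumptions; the RSA key pair is created separately with a passphrase on the private key, and only the public key is given to the cron job.

```shell
#!/bin/sh
# Added example: cron holds only the PUBLIC key; reading needs the
# passphrase-protected PRIVATE key. File layout (.enc, .key.enc) is assumed.

# seal FILE PUBKEY: write FILE.enc (AES-256-CBC) and FILE.key.enc
# (session key wrapped with RSA-OAEP), then delete the plaintext.
seal() {
    file=$1 pub=$2
    # Fresh session key per file, kept in a variable and fed through pipes
    # (printf is a shell builtin), so it never lands in argv or on disk.
    key=$(openssl rand -hex 32) || return 1
    printf '%s\n' "$key" |
        openssl enc -aes-256-cbc -pbkdf2 -salt -pass stdin \
            -in "$file" -out "$file.enc" || return 1
    printf '%s\n' "$key" |
        openssl pkeyutl -encrypt -pubin -inkey "$pub" \
            -pkeyopt rsa_padding_mode:oaep -out "$file.key.enc" || return 1
    unset key
    rm -f -- "$file"   # only after both outputs were written
}

# seal_dir DIR PUBKEY: what the nightly cron job calls after the SFTP pull.
# Already-sealed files are skipped, so re-running is harmless.
seal_dir() {
    dir=$1 pub=$2
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        case $f in *.enc) continue ;; esac
        seal "$f" "$pub" || return 1
    done
}

# unseal FILE.enc PRIVKEY [PASSIN]: plaintext to stdout. Without PASSIN,
# openssl prompts the reader for the private-key passphrase.
unseal() {
    enc=$1 priv=$2
    key=$(openssl pkeyutl -decrypt -inkey "$priv" ${3:+-passin "$3"} \
        -pkeyopt rsa_padding_mode:oaep -in "${enc%.enc}.key.enc") || return 1
    printf '%s\n' "$key" |
        openssl enc -d -aes-256-cbc -pbkdf2 -pass stdin -in "$enc"
}
```

`openssl enc` in CBC mode gives confidentiality but no tamper detection, and `rm` does not wipe the plaintext blocks from disk. Root on the box can also still read a file between download and sealing, which is the window that encrypting on the sending server would close.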
I sense conflicting requirements.
- Can you give a description of the type of information?
- How could possessing or exposing this information compromise business, public image, et cetera?
- What other scenarios are you protecting against?
- What would keeping file contents sensitive be worth?
- What would be a practical reason against encrypting it against a shared GPG key on the server before transferring it?
* Note I'm completely ignoring ease of use because if the information truly is sensitive then ease of use can not be a priority.