LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 08-17-2009, 03:17 PM   #1
epolanco
LQ Newbie
 
Registered: Jul 2009
Posts: 7

Rep: Reputation: 0
Use ecryptfs for FTP login security?


I have a RHEL5 server running with the ecryptfs utilities installed. Here is what I am trying to do: Hopefully someone can help me. I've beat myself a few hours already but I do have ideas and want to make sure I'm on the right boat. I want the following to occur if possible. Either using PAM or AUTOFS.
PAM:
1. Remote user logs via FTP and PAM picks this up and mounts their encrypted home directory.
2. User uploads/downloads patient files
3. User exits and PAM unmounts the encrypted home directory until further use.

AUTOFS:
1. User logs in via FTP and AUTOFS automatically mounts encrypted /home/USER ecryptfs stack over the /home/USER ext3 version.
2. User uploads/downloads files
3. User logs out, autofs timeout is set to 1 second so it will auto unmount the encrypted stack from the lower level file system thus making the uploaded files unreadable unless the proper key is supplied.

Can i make any of the above mentioned work? AUTOFS doesn't seem to work correctly with fstype=ecryptfs but does work for the solution i want with other file system types. I'm running kernel 2.6.18-128 PAE on RHEL5 and ecryptfs-utils-56-8 and devel tools as well.
Thanks for any help
 
Old 08-17-2009, 06:51 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, FreeBSD
Posts: 3,925
Blog Entries: 5

Rep: Reputation: Disabled
I don't follow. Your thread title reads something about "FTP login security". But your post is referring to filesystem security. Which do you need help with?
 
Old 08-27-2009, 11:44 AM   #3
epolanco
LQ Newbie
 
Registered: Jul 2009
Posts: 7

Original Poster
Rep: Reputation: 0
If i can get AUTOFS to work, it will also work for users that login VIA FTP to my system! The point of autofs is so that a user that FTP into the system, gets his directory auto mounted with ecryptfs, uploads data which is getting written encrypted, logs off, and after a 1 second time out the ecryptfs unmounts (Autofs) and everyone is happy because the data is encrypnted as opposed to leaving the ecryptfs mount on all the time which is readable. That's why it says FTP login security Any ideas? And yes I am already using CHROOT and our network has very good firewalls but you know how the people upstairs are!
 
Old 08-27-2009, 11:48 AM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, FreeBSD
Posts: 3,925
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by epolanco
If i can get AUTOFS to work, it will also work for users that login VIA FTP to my system!
Not to distract from the restated question, but the process you're describing still means authentication credentials are sent in clear text, right? Is that OK?
 
Old 08-27-2009, 02:53 PM   #5
orgcandman
Member
 
Registered: May 2002
Location: dracut MA
Distribution: Ubuntu; PNE-LE; LFS (no book)
Posts: 594

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by anomie View Post
Not to distract from the restated question, but the process you're describing still means authentication credentials are sent in clear text, right? Is that OK?
To further expound on this:

Quote:
2. User uploads/downloads patient files
Those files are transmitted in the clear as well... is this ok?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ecryptfs installation problem nkd Linux - Security 3 10-02-2007 03:30 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM
ftp security msamuels Linux - General 3 05-31-2005 11:58 PM
FTP Server Up and running... how do I hide ftp users from local login screen? joe1031 Mandriva 2 03-18-2005 04:24 PM
ftp login -- ssh no login waffe Linux - General 4 12-27-2003 12:42 AM


All times are GMT -5. The time now is 07:52 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration