Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
08-17-2009, 03:17 PM
|
#1
|
|
LQ Newbie
Registered: Jul 2009
Posts: 7
Rep: 
|
Use ecryptfs for FTP login security?
I have a RHEL5 server running with the ecryptfs utilities installed. Here is what I am trying to do: Hopefully someone can help me. I've beat myself a few hours already but I do have ideas and want to make sure I'm on the right boat. I want the following to occur if possible. Either using PAM or AUTOFS.
PAM:
1. Remote user logs via FTP and PAM picks this up and mounts their encrypted home directory.
2. User uploads/downloads patient files
3. User exits and PAM unmounts the encrypted home directory until further use.
AUTOFS:
1. User logs in via FTP and AUTOFS automatically mounts encrypted /home/USER ecryptfs stack over the /home/USER ext3 version.
2. User uploads/downloads files
3. User logs out, autofs timeout is set to 1 second so it will auto unmount the encrypted stack from the lower level file system thus making the uploaded files unreadable unless the proper key is supplied.
Can i make any of the above mentioned work? AUTOFS doesn't seem to work correctly with fstype=ecryptfs but does work for the solution i want with other file system types. I'm running kernel 2.6.18-128 PAE on RHEL5 and ecryptfs-utils-56-8 and devel tools as well.
Thanks for any help
|
|
|
|
|
08-17-2009, 06:51 PM
|
#2
|
|
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Debian, FreeBSD, Ubuntu (desktop)
Posts: 3,859
Rep: 
|
I don't follow. Your thread title reads something about "FTP login security". But your post is referring to filesystem security. Which do you need help with?
|
|
|
|
|
08-27-2009, 11:44 AM
|
#3
|
|
LQ Newbie
Registered: Jul 2009
Posts: 7
Original Poster
Rep:
|
If i can get AUTOFS to work, it will also work for users that login VIA FTP to my system! The point of autofs is so that a user that FTP into the system, gets his directory auto mounted with ecryptfs, uploads data which is getting written encrypted, logs off, and after a 1 second time out the ecryptfs unmounts (Autofs) and everyone is happy because the data is encrypnted as opposed to leaving the ecryptfs mount on all the time which is readable. That's why it says FTP login security  Any ideas? And yes I am already using CHROOT and our network has very good firewalls but you know how the people upstairs are! |
|
|
|
|
08-27-2009, 11:48 AM
|
#4
|
|
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Debian, FreeBSD, Ubuntu (desktop)
Posts: 3,859
Rep:
|
Quote:
|
Originally Posted by epolanco
If i can get AUTOFS to work, it will also work for users that login VIA FTP to my system!
|
Not to distract from the restated question, but the process you're describing still means authentication credentials are sent in clear text, right? Is that OK? |
|
|
|
|
08-27-2009, 02:53 PM
|
#5
|
|
Member
Registered: May 2002
Location: dracut MA
Distribution: Ubuntu; PNE-LE; LFS (no book)
Posts: 593
Rep: 
|
Quote:
Originally Posted by anomie
Not to distract from the restated question, but the process you're describing still means authentication credentials are sent in clear text, right? Is that OK?
|
To further expound on this:
Quote:
|
2. User uploads/downloads patient files
|
Those files are transmitted in the clear as well... is this ok? |
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 01:07 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
