How to build a Virtual data Vault
 

Hi all,

As a first note I am complete linux noob. (willing to learn)

I am looking to try and setup a virtual data vault. I am planning to use CentOS 6 for this (Any other OS suggestions are welcome.) I have a system with ample space and RAM. Requirements are -
- Secure (i can generate a certificate for SSL/SSH)and disk encryption??
- Multiple sub vaults that have designated access (interaction between these vaults should be completely isolated, any transfer of information should be as though going to a complete different server)
- Should be able to create multiple user groups and associate them to the sub vaults.
- I will need to have htpps access to the sub vaults, where the user of a particular group logs in to get designated access to the subvault.
- Probably build a RAID for storage.

These are the primarily things I have in mind. Please suggest if anything else is required.

Could the experts here suggest me how to do these? I know this is too generic but links to any useful resources is also appreciated.

Thanks and apologies if this was too vague. This is just a though that I got in mind and not sure of specifics :)

Hope to learn a lot from you guys

-Partha

Two things come to mind.

At the lowest level, anything with the word *vault* in it makes me think of one of those bank heist movies. So at the lowest level of consideration is encryption - You can't easily create a PV (during the standard install process) for certain volumes in CentOS.... Primarily speaking, I'm talking the partition on which you mount /boot. And I'm a firm believer that you shouldn't bother encrypting any volumes if you can't encrypt /boot or SWAP either - what would be the point?

So first, I recommend familiarizing yourself with LVM and encryption of your entire drive, including your swap partition and /boot too. This is a good primer: http://slackware.oregonstate.edu/sla...ADME_CRYPT.TXT

Also, would you consider debian instead of CentOS? If so, then I would look HERE

I hope that helps!

Kindest regards,

.

I'm guessing this is a production server, so have you any plans around taking secure backups?

Thanks for the inputs. openmediavault looks good. I will explore it a little more.

But rather I was hoping for build it your self type not ready tools like open media vault. I am mainly looking to learn and my way is to implement an idea and what I have is just the idea, I need to learn and implement it :)
I will take a look at LVM as well and was considering complete drive encryption, not sure how to accomplish that yet. I will keep that in mind as well.
Thanks again
Partha

No this is not production, this is my personal project, mainly to learn to set up things from scratch over an idea. backup is a good thought, I will look into RAID for that.
Thanks though
Partha

As it's for your own personal project it's less of an issue.

For a production system RAID is not a backup, can't stress that importantly enough.

RAID won't help if you've a catastrophic hardware failure that affects multiple disks, or in a case I've had, comms room fire that melted the servers.

Oh then you were suggesting external backups :) Well at this point, Ill skip that as thats not an issue as noted.

RAID also doesn't protect from erroneous deletes ;)