How to build a Virtual data Vault
Hi all,
As a first note I am complete linux noob. (willing to learn) I am looking to try and setup a virtual data vault. I am planning to use CentOS 6 for this (Any other OS suggestions are welcome.) I have a system with ample space and RAM. Requirements are - - Secure (i can generate a certificate for SSL/SSH)and disk encryption?? - Multiple sub vaults that have designated access (interaction between these vaults should be completely isolated, any transfer of information should be as though going to a complete different server) - Should be able to create multiple user groups and associate them to the sub vaults. - I will need to have htpps access to the sub vaults, where the user of a particular group logs in to get designated access to the subvault. - Probably build a RAID for storage. These are the primarily things I have in mind. Please suggest if anything else is required. Could the experts here suggest me how to do these? I know this is too generic but links to any useful resources is also appreciated. Thanks and apologies if this was too vague. This is just a though that I got in mind and not sure of specifics :) Hope to learn a lot from you guys -Partha |
Two things come to mind.
At the lowest level, anything with the word *vault* in it makes me think of one of those bank heist movies. So at the lowest level of consideration is encryption - You can't easily create a PV (during the standard install process) for certain volumes in CentOS.... Primarily speaking, I'm talking the partition on which you mount /boot. And I'm a firm believer that you shouldn't bother encrypting any volumes if you can't encrypt /boot or SWAP either - what would be the point? So first, I recommend familiarizing yourself with LVM and encryption of your entire drive, including your swap partition and /boot too. This is a good primer: http://slackware.oregonstate.edu/sla...ADME_CRYPT.TXT Also, would you consider debian instead of CentOS? If so, then I would look HERE I hope that helps! Kindest regards, . |
I'm guessing this is a production server, so have you any plans around taking secure backups?
|
Quote:
But rather I was hoping for build it your self type not ready tools like open media vault. I am mainly looking to learn and my way is to implement an idea and what I have is just the idea, I need to learn and implement it :) I will take a look at LVM as well and was considering complete drive encryption, not sure how to accomplish that yet. I will keep that in mind as well. Thanks again Partha |
Quote:
Thanks though Partha |
As it's for your own personal project it's less of an issue.
For a production system RAID is not a backup, can't stress that importantly enough. RAID won't help if you've a catastrophic hardware failure that affects multiple disks, or in a case I've had, comms room fire that melted the servers. |
Quote:
|
RAID also doesn't protect from erroneous deletes ;)
|
All times are GMT -5. The time now is 07:36 AM. |