Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-12-2009, 02:21 AM   #1
LQ Newbie
Registered: Dec 2008
Distribution: Windows XP / Ubuntu 8.10 / Fedora 10
Posts: 22

Rep: Reputation: 16
Encrypted data backup w/truecrypt

I'm trying to perform system backups from three or four client computers to a hard drive on a dedicated Linux server. I've spent about a week researching this, and setting up a test of what I'm trying to do. The backup data must be encrypted (preferably with something strong, e.g. aes256) both as it leaves the client computers (so that the data can't be intercepted on its way to the server) and as it's written to the backup hard drive. The backup space must somehow be mounted as a network drive on the client - this is absolutely necessary.

My solution was to set up Samba and TrueCrypt on Linux, have TrueCrypt use the entire hard drive as a container (only 1 partition on the hard drive, and it's not the same hd that the system is installed on), and mount it. Samba would then share the TrueCrypt mount.

I have some problems that I've unsuccessfully tried to Google that I'd like to ask about:
- How do I encrypt the data as it moves between the client and the server? I've seen many tutorials on using ssh to tunnel port 139, but I know that Windows file sharing uses more ports than that, so I assume that's just for the purpose of bypassing firewalls and moving it to another port? Is there any way to use OpenSSL (I've looked into it but don't really understand how to apply it to this situation)? Should I use OpenVPN (I have no VPN experience or knowledge but if it's the best way I'm willing to learn)
- What does Samba do when the share that it's sharing doesn't exist? I ask because I'm running into trouble where I can unmount the truecrypt container (which is the samba share), but on the client I can still write to the Samba share (which theoretically shouldn't exist). It's likely that my Samba is misconfigured, correct?

I'd appreciate any help.

Old 04-12-2009, 05:41 AM   #2
Registered: Mar 2004
Location: Stavanger, Norway
Distribution: Gentoo, Slackware/SLAX, Knoppix, CentOS, IPCop & DSL
Posts: 138

Rep: Reputation: 21
I also tried to set up a similar system, but decided to go with Bacula in stead, might be overkill for four computers, but really gives you some leverage when it comes to options. It can encrypt/compress data before it leaves the client, and can be configured for a very hassle-less work flow, with minimal interaction from a user.

It has Windows/Mac Clients, and included clients in most Linux distributions. It also can be set up to use a ssh tunnel if you plan to back up remote machines, and need extra security.

I would give it a read, and see if it was something worth looking into. It took me a day to configure everything, including reading and scratching my head, but once I have it set up, I feel like I'm just scratching the surface as to what I can make it do for me...

Check it out here? :


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
TrueCrypt 5.1a Not enough data available or broken pipe error yasker Slackware 5 01-17-2009 01:23 PM
Truecrypt encrypted USB drive on Linux irairaira Linux - Newbie 9 01-09-2009 01:09 AM
Encrypted Ubuntu with TrueCrypt penguinHugger Linux - General 5 12-19-2008 03:08 PM
Tool to decrypt old encrypted harddrive and backup data before reformat bapigoo9 Linux - Software 5 12-02-2008 01:32 AM
LXer: TrueCrypt HOWTO — Truly Portable Data Encryption LXer Syndicated Linux News 0 05-26-2007 01:46 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:06 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration