Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have yet to find an encryption solution that I'm really happy about. I've been using ubuntu's native home encryption while I figure out what I want to do.
My main concern is security. I manually mount. It'd be nice to automount, but I don't see how that can be secure.
I would like to use a solution that doesn't involve pre-allocating space. Still on the fence with if I wan't file names to be visible.
What are your encryption solutions? Server/Desktop, whatever.
Last edited by halabb; 03-22-2011 at 02:31 PM.
Reason: tie po
I'm using a combination of LUKS, TrueCrypt, and GPG. A word of caution about automounting. This typically means having a key file or passphrase available at mount time, which may undo your security goals.
I made a couple of years a go, a live cd that when you installled it, would encrypt the swap, root and home, then copy the contents of the live cd to hard drive. It would then create a decryption cd that you could either hold the decryption keys on it, or upload/download the from a ssh server. Unfortunately i don't think i still have a copy of it around, might have been something you could have used, I've have been trying to work on another later version but don't have the time over the last year or so.
AAAAAAActually, I failed to state my main goal here. I need to share the encrypted media over the network.
With Windows, I create a share after I mount the encrypted media.
But with linux, I don't know how to mount that encrypted media and make it available to network clients.
Also, with TrueCrypt I will not be able to mount read-write more than once so that's out!
I'm researching ecryptfs, but if I had the answer I wouldn't be posting this
***Is there a way I can just share the TrueCrypt media at the application level like Windows? (not sure if that made sense)
The media is already encrypted and you want it to be safe over the network? Since you are researching means of encryption, you haven't decided how that media encryption is to be done,yet. You might include "encfs" in your research. It is similar to "ecryptfs" except that it is FUSE based, so it's easier to use by end users on Linux.
I've used NFS as a backing store with encfs. Client machines mount the NFS volume, then mount encfs over that and access files via the encfs encrypted mount point. What's stored is encrypted (subject to a few things encfs doesn't hide, like how many files there are, etc).
If you also want cross compatibility with Windows for the same data, you may be out of luck, because Windows tends to have commercial products from companies that want to make it as hard as possible to share with Linux.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.