[Samba] VFS for encryption/decryption

Andrew Bartlett abartlet at samba.org
Fri Dec 23 23:09:02 GMT 2005 

On Fri, 2005-12-23 at 09:54 +0100, Felix Brack wrote:
> It's true (partially) that the administrator has access to all secrets
> stored on the server. However the administrator does not _know_ a users
> password or samba password. He can of course change those passwords.
> This however would be noticed by the user who's password has been
> changed and data encrypted with the users former password would still
> not decrypt (with the new password) to some meaningful data, right?
> 
> If this is correct my requirements would be fulfilled.
> 
> I do not know at all how things are running within samba but fact is,
> that any user authenticates himself when connecting to a server share
> from his client. Wouldn't this be the method to tell a VFS module to
> do encryption/decryption with the user's password? As I already
> stated, I am aware that things are not that simple but the principle
> should remain.

The Samba server is never given the plaintext password.  As such, it
cannot decrypt anything with it.  (This is because it uses a
challenge-response authentication system.  This means the server must
hold the password-equivalent value).

> My PDC is setup to present the user a network drive H: that holds his
> home directory; this is great and very simple to configure with samba.
> Why not present the user, say network drive Q:, showing the decrypted
> contents of a file stored on the server that is encrypted with the
> users password? The user wouldn't 'see' any difference between
> accessing files on H: or Q:. This would provide a truly transparent
> access to encrypted data.

This would be great, if there were a secure, out of band way to push the
password to the server.  (This could be achieved by a local 'server'
which interacts with the user's session to get the password, and then
accesses the real server).

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20051224/a23548d5/attachment.bin

More information about the samba mailing list