[Samba] Samba File Share Encryption How To?
lp101
lingpanda101 at gmail.com
Wed Jun 4 06:54:01 MDT 2014
Hi Gaiseric,
The location of this share contains very sensitive data that is not
as secure as I would like. Adding that extra layer of protection would
give me some peace of mind.
The route I will take is to use Truecrypt(I know the status)to
encrypt a drive and manually mount. If power is cut to the drive then
the data would be secure. Thanks for the suggestions.
On 6/3/2014 4:54 PM, Gaiseric Vandal wrote:
> I DON'T think you can use Windows EFS (encrypting file system) on a
> samba share, since it isn't really an NTFS file system , even tho it
> looks that way to a Windows client.
>
> Why do you need it encrypted on the samba share? Wouldn't ACL's not
> provide sufficient protection against unauthorized access or do you
> need an extra layer of protection?
>
> You could use a user level like Truecrypt to create an encrypted
> volume which is stored on the file share. Windows clients can open
> the truecrypt file as a Windows drive letter, but from the samba
> server point of view it is just a file. Or you can use PGP/GPG
> or various commercial tools to encrypt the data - but again this is
> all being done at the user level. The file system it self is not
> providing encryption.
>
> Linux supports encrypted partitions- so if someone steals the
> harddrive from the server, the data is protected. Samba would be
> unaware of this. That doesn't provide protection from someone who
> has access to the share when the computer is running- which is why you
> would still use file permissions and share restrictions.
>
>
>
> On 06/02/14 11:57, lp101 wrote:
>> Hello,
>>
>> Can someone please point me to documentation on encrypting a file
>> share? Looking to have data created on a Windows workstation backed
>> up and saved on a Samba file share across a WAN link. Currently using
>> IPsec so I assume I'm good on the transport end? Thanks.
>>
>
--
-James
More information about the samba
mailing list