[Samba] Samba File Share Encryption How To?

lp101 lingpanda101 at gmail.com
Wed Jun 4 06:54:01 MDT 2014

Hi Gaiseric,

     The location of this share contains very sensitive data that is not 
as secure as I would like. Adding that extra layer of protection would 
give me some peace of mind.

     The route I will take is to use Truecrypt(I know the status)to 
encrypt a drive and manually mount. If power is cut to the drive then 
the data would be secure. Thanks for the suggestions.

On 6/3/2014 4:54 PM, Gaiseric Vandal wrote:
> I DON'T think you can use Windows EFS (encrypting file system) on a 
> samba share, since it isn't really an NTFS file system , even tho it 
> looks that way to a Windows client.
> Why do you need it encrypted on the samba share?  Wouldn't  ACL's not 
> provide sufficient protection against unauthorized access or do you 
> need an extra layer of protection?
> You could use a user level  like Truecrypt to create an encrypted 
> volume which is stored on the file share.   Windows clients can open 
> the truecrypt file as a Windows drive letter, but from the samba 
> server point of view it is just a file.       Or you can use PGP/GPG  
> or various commercial tools to encrypt the data -  but again this is 
> all being done at the user level.  The file system it self is not 
> providing encryption.
> Linux supports encrypted partitions-   so if someone steals the 
> harddrive from the server, the data is protected.     Samba would be 
> unaware of this.     That doesn't provide protection from someone who 
> has access to the share when the computer is running- which is why you 
> would still  use file permissions and share restrictions.
> On 06/02/14 11:57, lp101 wrote:
>> Hello,
>>     Can someone please point me to documentation on encrypting a file 
>> share? Looking to have data created on a Windows workstation backed 
>> up and saved on a Samba file share across a WAN link. Currently using 
>> IPsec so I assume I'm good on the transport end? Thanks.


More information about the samba mailing list