[Samba] File encryption

Nico Kadel-Garcia nkadel at gmail.com
Sat Nov 22 16:47:25 MST 2014

On Sat, Nov 22, 2014 at 2:05 PM, David Bear <dwbear75 at gmail.com> wrote:
> this would be an interesting 'feature' -- the question is what would the
> encryption key be -- who who hold it, and how would you prevent a drag'n
> dropping of the file out of the file server to the users desktop ?

> On Fri, Nov 21, 2014 at 5:48 AM, Daniel Carrasco Marín <d.carrasco at ttu.es>
> wrote:
>> Hi,
>> Is there any way to encrypt a file to avoid it usage outside of a domain?.
>> I've a Samba domain, with some Windows computers connected to that domain
>> and i want to know if something like that exist.
>> Greetings!!

I don't see anything like that right now. It sounds like a *lot* of
pain to integrate with a stable, mission critical toolkit that's woven
into system operating systems and is exceptionally unlikely to ever be
excepted into the Windows kernels to work well with Samba.

You can achieve *most* of this by using a Kerberos sensitive file
sharing system, such as NFSv4 on Linux/UNIX hosts and CIFS group
enabled access on the Windows clients. It takes work to integrate
those, but it can certainly work with NetApp based servers.

And there is no defense in this approach to drag'n-drop, David is
quite right. But it's a reasonable place to work from.

More information about the samba mailing list