2 Jan 2012 stan   » (Journeyer)

File server encryption setup

I've been in the process of setting up encryption on my server for a while. At work we use lvm encryption - which works well. The lvm server is running debian and has the dropbear package installed. If it is rebooted, we just ssh in and supply the password.

My server also provides dhcp service, so unless you manually configure the client's networking the ssh part doesn't work. So instead I've been setting up ecryptfs, since I use it all my client machines. The configuration on my server is slightly more manual - I'm using mount -t ecryptfs directly.

I'm using a custom cgi script to allow the partition to be mounted. Seems to be working ok.

After thinking about it while writing this I'm preferring making dhcp work somehow (move it somewhere etc) and using lvm in the long run - slight it makes it easier to make sure everything is encrypted. Also the client part would be slightly harder as you need to use a ssh client rather than a web client.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!