Protecting files at home using encrypted containers _ linux journal

1. Samsung data backup software KDE is not needed. Top 5 backup software KDE Just happens to be my current desktop of choice and in order to meet the requirements I set my solution to the problem needed to be integrated into it (primarily for other family memebers who are less technical). Seagate autobackup software And no, I am in no way associated with the KDE project 🙂 I’ve used Gnome, Enlightenment and KDE at various times.


Differential backup software KDE just happens to be the one in use right now.

2. Best backup software windows The key is NOT stored on the hard drive, down towards the bottom of the article I present a few scripts that I use that execute everything based on the key being on a USB thumb drive. Free local backup software Most thiefs probably wouldn’t know what to do with a linux box if they stole one, but I did decide to go the extra step and keep the key on something physically separate rather than rely completely on security by obscurity.

3. Backup software list Brett Neumeier provided a much more elegant solution to generating the key from /dev/random by using the dd command. Software para backup Thanks you! I keep forgetting about that command, much less the fact it would have made key generation easier!

4. Incremental backup software free LUKS as an alternative: Thank you for posting about this project. Pc backup software free I wasn’t aware of it before. Disk image backup software Unfortunately when I actually implemented this LUKS didn’t exist at the time…..

5. Data backup software Dave Vehrs posted a warning that the commands used to mount/unmount the encrypted containers may appear in your shell’s history. Best backup software linux That is correct, if you issue the commands by hand. Pc backup software reviews I just checked and the commands do not appear if you use the automated capability provided by the KDE Autostart and shutdown directories. Hard disk backup software free download For many, encrypted the entire drive may be a better solution. Free image backup software In my case I decided that wasn’t the solution I needed and chose to go the encrypted container route.

6. Application backup software There was a comment about my backups. Best backup software windows 10 My backup server is using the same setup – the backups reside in an encrypted container that gets ‘undone’ on shutdown automatically OR undone on startup in the event the power cord is pulled. Versioning backup software There is NO automation on the backup server to automaticaly remount the encrypted containers, and the server is locked down tight (as are the desktop boxes). Compare backup software The only item I’m missing is performing the rsync over an SSH tunnel, which for a home hardwired network isn’t really necessary. Hdd backup software free Keep in mind, this is meant to provide adequate protection for a _home_ environment. Best backup software For a work environment I would do some things differently in order to provide a more robust system, but those items are beyond the scope of this article.

7. Backup software comparison Thank you for reminding me about ENCFS. Server 2003 backup software I seem to remember looking at it when I started implementing this, but I can’t remember why I decided not to use it. Disk backup software It is definitely worth looking at though.

This is something I need to give more thought to before I try to implement a transparent encryption scheme on my own computers…. Top backup software 2014 but the skeleton given here is a great starting point, thanks!

The main flaw in the design I see, is this. Backup software with versioning Ignoring the “security boundaries” arguments for a moment (or assuming this has been solved by control) — that is, even assuming that your sensitive data never leave the container in a cleartext form:

The encryption key has been left on the computer along with the containers! Can’t the theif just take the hard drive out, mount it in their own system, discover the encrypted containers, these mounting scripts and the key and then mount the containers to get at the data? Sure, this would take a clueful thief, probably not something your average house-breaker could manage, but well within the abilities of an experienced identity-theft criminal.

I would have liked to see a way of keeping the key safe from being stolen (or discovered) along with the computer, such as on a USB drive or a floppy, or by encrypting the key with a pass-phrase.

These approaches are not perfect either, I admit: you have to remember to insert and remove the medium containing the key, or enter a pass-phrase to decrypt the container key before mounting, which would break the “simple to use” requirement, I suppose.

banner