Hi Alex, hi Lars!

Thanks for your answer. It helps me (see my comments below)!

Probably I did not express myself clearly enough as it seems to me I could not make my plans clear. The "trouble" I wanted to avoid is that each user has to ssh in to the server and supply a LUKS password EACH TIME he wants to mount the share. I see, it is not necessary if I follow your practicable solution. Good.

Just out of curiosity, could you still think about my original question and think whether what I wanted to do is possible? (It is perhaps a more philosophical, still interesting question):

Can you set up LUKS such that the pam-mount - or something similar - works also for remote users connecting via samba or NFS?

To mount a share a user has to send a login and password anyway (either over samba or NFS, no difference). If I can pass this password on to LUKS and if the samba password matches the encryption password and LUKS can mount the share and access the share for the user, then encryption would work without the user noticing it. This situation would be analogous to a local user logging in to the Linux server and pam-mount passing on the login password to LUKS and the /home can be mounted. So, there would not be a need to ask for a LUKS password via ssh, when the samba password can be used by LUKS.

As to the discussion:

>> The computer must boot without asking for passwords.
> Then the data will not be secure. Simple possession of the
> machine, or 10 minutes unattended time with the machine,
> will compromise the data.

All right, I am aware of that. Then the /boot and /root directories would be compromised because they are not encrypted, all right, they contain no sensitive data. But the sensitive user data stored on the encrypted file shares (a separate partition, say /samba or /home/samba) would not be compromised, right? This is the same case if you only encrypt /home: the computer would also boot without asking for a password and the data on /home would be secure.

> With an uninterrupted power supply (UPS) on the machine, the server
> would not reboot by itself, ever. Therefore, the number of times you
> should have to SSH in to the machine to supply a password would
> likely be counted on one hand over the lifetime of the server.

O.K., I had to think twice about this, but I got it now. You would just simply set up LUKS with ONE password, and the admin would have to give it at each reboot of the machine via ssh. Then users could mount and unmount the - already decrypted - shares without problems - just as if they would not be encrypted at all. And when an individual user on the network wants to mount the share he can do so WITHOUT HAVING TO SSH IN EACH TIME HE MOUNTS IT (this is the kind of trouble I wanted to avoid).

How would I have to set up the encryption? I think I should just encrypt the partition which will be mounted as /samba and leave /root + /boot unencrypted, so sshd can be started before accessing any encrypted data? And I think I would have to leave /samba out of fstab and mount it manually via your script.

I'll give http://cryptobox.org a chance when I'm done putting the server together (I'm still short of a drive which I'll get from a friend). I assume Kubuntu is fine for a Debian system.

Greetinx
Wolfgang

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
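
The setup asked about in the message above (only the /samba partition encrypted, kept out of fstab, unlocked by hand over SSH after a reboot) could be scripted as sketched here. This is an added example, not the script referred to in the thread; the device path, the mapping name, the mount options and the `smbd` service name are assumptions.

```shell
#!/bin/sh
# Added example: unlock and mount the encrypted share by hand after a reboot.
# Assumed values (not from the thread): device, mapping name, service name.
DEVICE="${DEVICE:-/dev/sdb1}"       # hypothetical LUKS partition
NAME="${NAME:-samba_crypt}"         # hypothetical device-mapper name
MOUNTPOINT="${MOUNTPOINT:-/samba}"  # mount point named in the message
DRY_RUN="${DRY_RUN:-0}"             # 1 = print commands instead of running

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

unlock_share() {
    # Nothing to do if the share is already mounted.
    if [ "$DRY_RUN" != 1 ] && mountpoint -q "$MOUNTPOINT"; then
        echo "$MOUNTPOINT is already mounted" >&2
        return 0
    fi
    # cryptsetup prompts on the admin's SSH terminal; the passphrase is
    # never written to the unencrypted root filesystem.
    run cryptsetup luksOpen "$DEVICE" "$NAME" || return 1
    if ! run mount -o nodev,nosuid "/dev/mapper/$NAME" "$MOUNTPOINT"; then
        run cryptsetup luksClose "$NAME"   # do not leave the volume unlocked
        return 1
    fi
    # Start Samba only once the decrypted filesystem is in place, so it
    # never exports the empty directory underneath the mount point.
    run systemctl start smbd
}

lock_share() {
    # Stop the service first so no client holds files open, then unmount
    # and remove the mapping so the volume is locked again.
    run systemctl stop smbd
    run umount "$MOUNTPOINT" && run cryptsetup luksClose "$NAME"
}

case "${1:-}" in
    unlock) unlock_share ;;
    lock)   lock_share ;;
esac
```

The Samba service has to be disabled at boot and /samba kept out of /etc/fstab, so that the boot neither waits on the locked volume nor lets Samba serve the bare mount point.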