Truly Private Data On A Server
Posted: Wed Jul 10, 2013 12:02 pm
Hello
A disclaimer before I ask my question: I have a fair amount of Linux experience but configuring servers is something I don't do very often, which is why I'm asking for help (feel free to correct me if I say something blatantly incorrect).
I've recently gained the opportunity to set up a personal server with some friends of mine. We all trust each other; however, we all agreed on the fact that if everyone has his own account and puts personal data on there, it should remain personal. I set up SFTP to secure the transfer of files and the session in general; however, of course SFTP doesn't do much more than that: once the files are on the server or retrieved from it, its job is done. What I'm looking for is a way to encrypt and decrypt files on the server in a way that no other user (most importantly: even root) can decipher the data. Access to the folders is not such a big deal, as long as the contents and data of the files can't be accessed. I've searched and read a lot of information (apparently not enough) and decided to try out ecryptfs to automatically set up encryption and decryption when starting an SFTP session. Everything is working great; however, there is only one catch: while the user is accessing his private data from ecryptfs, any user with root privileges can also view that data. Since there can be multiple remote users (admins) on the system at the same time, this is an issue and totally destroys the usefulness of ecryptfs IMHO.
Is there any way to obscure the data completely from any user on the server? Something that sprang to mind is moving the encryption/decryption to the client (i.e. he should use PGP or put the files in a password-protected file himself). This, however, is a hassle, next to the fact that some of the users aren't as tech savvy. An automated way is thus preferred. I guess it would be possible to write a front-end for SFTP and GPG to perform these tasks, but writing apps for a subject I'm not an expert in is something I'd rather avoid. Any suggestions or input is welcome.
As a side note: the server is running Linux, whilst the clients are using Linux as well as Windows.
Thanks in advance,
Creature
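The "front-end for SFTP and GPG" idea from the post, sketched as a small client-side wrapper. This is an added example, not code from the original post or its author: the file is encrypted on the client with gpg before it is ever handed to sftp, so the server (and any root user on it) only ever stores and serves ciphertext, and the key or passphrase never leaves the client. It assumes GnuPG (1.x or 2.x) and the OpenSSH sftp client are installed on a Linux client; the recipient key id, remote user, host and directory are placeholders you supply.

```shell
#!/bin/sh
# Added example (not from the original post): encrypt locally, upload only ciphertext.
# Assumes: gpg (GnuPG 1 or 2) and OpenSSH sftp on the client. Recipient key id and
# remote destination are hypothetical and passed in by the caller.

# GnuPG 2.1+ only reads a passphrase from an fd in batch mode with loopback pinentry;
# GnuPG 1.x and 2.0 do not know the option, so only emit it where it is understood.
gpg_loopback_opts() {
  v=$(gpg --version | sed -n '1s/.* //p')   # e.g. "2.2.27" or "1.4.20"
  case $v in
    1.*|2.0.*) ;;
    *) printf '%s' '--pinentry-mode loopback' ;;
  esac
}

# Encrypt one file so that only ciphertext leaves this machine.
# $1: plaintext path  $2: output path (.gpg)  $3: recipient key id, or "symmetric"
# In symmetric mode the passphrase is read from stdin, so it never shows up in `ps`.
encrypt_for_upload() {
  plain=$1; out=$2; recipient=$3
  if [ "$recipient" = symmetric ]; then
    printf '%s' "$(cat)" | gpg --batch --yes --quiet $(gpg_loopback_opts) \
      --passphrase-fd 0 --cipher-algo AES256 --symmetric --output "$out" "$plain"
  else
    gpg --batch --yes --quiet --encrypt --recipient "$recipient" --output "$out" "$plain"
  fi
}

# Decrypt a file fetched back from the server (passphrase on stdin for symmetric mode,
# or for a passphrase-protected private key; gpg picks the key from the message).
decrypt_from_server() {
  cipher=$1; out=$2
  gpg --batch --yes --quiet $(gpg_loopback_opts) --passphrase-fd 0 \
    --output "$out" --decrypt "$cipher"
}

# Sanity check a practitioner should run once: a string known to be in the plaintext
# must not be findable in what gets uploaded.
ciphertext_is_opaque() {
  ! grep -q -- "$2" "$1"
}

# Upload the ciphertext only. sftp -b - reads batch commands from stdin, so this can
# be scripted for users who should not have to think about it.
# $1: local .gpg path  $2: user@host  $3: remote directory
upload_ciphertext() {
  printf 'put %s %s/\n' "$1" "$3" | sftp -b - "$2"
}

# Typical use (remote names are placeholders):
#   encrypt_for_upload diary.txt diary.txt.gpg ABCDEF1234567890
#   ciphertext_is_opaque diary.txt.gpg 'Dear diary' && \
#     upload_ciphertext diary.txt.gpg alice@server.example /home/alice/private
```

What this buys you and what it does not: file contents are unreadable to anyone on the server, including root, because decryption only ever happens on the client. File names, sizes, timestamps and the directory layout are still visible, which matches the "access to the folders is not such a big deal" requirement in the post. The flip side is that nobody on the server can help a user who loses their key or passphrase, so each user needs their own backup of it. The wrapper covers the Linux clients; the Windows users would need an equivalent that does the same encrypt-before-upload step.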