Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Should I use a CoW filesystem on my PC if I only wanted snapshot capabilities ?
Top Forums UNIX for Beginners Questions & Answers Should I use a CoW filesystem on my PC if I only wanted snapshot capabilities ? Post 303045428 by stomp on Friday 20th of March 2020 11:07:35 AM
Old 03-20-2020
Hi,

I just had a use case for encryption. I decided to use dm-crypt to create an encrypted container. It's fairly easy. You may just have an encrypted container for your live data and another for your backup. Once it is open, you can read from and write to the filesystem. Many rescue distributions support dm-crypt out of the box(grml, sysresccd, knoppix).

Interesting would be, how you securely automate that, because a backup that's not automated is worthless for me. And if you do not do it securely, encryption makes no sense in my view. Maybe you can place a pendrive with the key on it in your computer, so it only boots up when the pendrive is there?

Here's a tutorial for you to read(use google for a lot of resources on the dm-crypt topic):

How To Use DM-Crypt to Create an Encrypted Volume on an Ubuntu VPS | DigitalOcean

Interesting would be, what the nature of your data is and what confidentiality level of your data is, so I/we can better understand your situation and maybe help more.

regards,
stomp.
Last edited by stomp; 03-20-2020 at 12:25 PM..
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Unix Capabilities?

We are looking into buying a new software, billing software that is, and want to know if you can run that on the same UNIX server as another major software? Is there a limit to the different types of software Unix can run, or is it like windows where you can install as many as you like? ... (2 Replies)
Discussion started by: hoz
2 Replies

2. UNIX for Advanced & Expert Users

p570 Capabilities

Hi there. I've been tasked with making a new design for our Unix systems :eek: Now the question I have is; How many LPARs can a p570 hold WITHOUT using a VIO Server. Many Thanks Kees (1 Reply)
Discussion started by: KeesH
1 Replies

3. Red Hat

Adding capabilities to an RPM

Hi. I downloaded a package that could only be installed on RHEL5, and not 4 or 3, so I got the source in order to compile it on RHEL 3 so hopefully it will work on all versions. So I have the source for a working package, but when I build it in RHEL 3 and then try to install it in RHEL 5, it... (6 Replies)
Discussion started by: Boaz
6 Replies

4. Filesystems, Disks and Memory

Wanted: Geographically distributed filesystem solution

I'm looking for a means to ensure that servers in the two or three datacenters, connected in a ring via IP through two ISPs, can distribute load and/or replicate data among at least two SAN-class disk devices. I want to evaluate several solutions, and I'm open to solutions ranging from free,... (6 Replies)
Discussion started by: otheus
6 Replies

5. Solaris

Cannot use filesystem while sending a snapshot

I've got a Solaris 11 Express installed on my machine. I have created a raidz2 zpool named shares and a simple one-disc zpool named backup. I have made a script that would send a daily snapshot of shares to backup. I use these commands zfs snapshot shares@DDMMRRRRHHMM zfs send -i shares@....... (10 Replies)
Discussion started by: RychnD
10 Replies

6. UNIX for Advanced & Expert Users

Use of Capabilities

I wonder if anyone could assist with some problems I'm having with Linux Capabilities and their use when using the commands "nice" and "schedtool". I run a couple of PCs, one is an elderly AMD Sempron 2800+ (32-bit, 2GHz clock and 3GB memory) that is used as a family multimedia system running... (3 Replies)
Discussion started by: MikeGM
3 Replies

7. Linux

Broadcom under Fedora 18 (Spherical Cow)

So I'm having a problem getting a Broadcom BCM4312 wireless controller to work under the broadcom-wl module $uname Linux 3.8.11-200.fc18.x86_64 #1 SMP Wed May 1 19:44:27 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux lspci -v 05:00.0 Network controller: Broadcom Corporation BCM4312 802.11b/g... (2 Replies)
Discussion started by: Skrynesaver
2 Replies

8. UNIX for Advanced & Expert Users

Linux capabilities discussion

Hi I'm trying to compile my linux kernel with CONFIG_SECURITY_CAPABILITIES=y. any idea what this thing does ?? Also another question , If I compile the kernel that I'm currently using , what'll happen ? ~cheers (3 Replies)
Discussion started by: leghorn
3 Replies

9. What is on Your Mind?

Anybody want to talk about Dirty Cow?

Hi All, How worried is everyone about the Dirty Cow Linux exploit? Has anybody experienced attacks yet? From the research I've done it seems that the exploit is "reliable" (that is it works nearly every time on vulverable systems) which is not good news. We all believe that Unix/Linux... (3 Replies)
Discussion started by: hicksd8
3 Replies

LEARN ABOUT OSF1

crypt

crypt(1)						      General Commands Manual							  crypt(1)

NAME

       crypt - encode/decode

SYNOPSIS

       crypt key < input.File > output.File

DESCRIPTION

       The  command reads from the standard input and writes on the standard output.  You must supply a key which selects a particular transforma-
       tion.  If no password is given, demands a key from the terminal and turns off printing while the  key  is  being  typed	in.   The  command
       encrypts and decrypts with the same key.

       Files encrypted by are compatible with those treated by the ed, ex and vi editors in encryption mode.

       The security of encrypted files depends on three factors: the fundamental method must be hard to solve, direct search of the key space must
       be infeasible, and sneak paths by which keys or clear text can become visible must be minimized.

       The command implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor.	Methods of  attack
       on such machines are known, but not widely; moreover the amount of work required is likely to be large.

       The transformation of a key into the internal settings of the machine is deliberately designed to be expensive, for example, to take a sub-
       stantial fraction of a second to compute.  However, if keys are restricted to three lowercase letters, then encrypted files can be read	by
       expending only a substantial fraction of five minutes of machine time.

       Since the key you choose is an argument to the command, it is potentially visible to users executing the command or a derivative.  To mini-
       mize this possibility, destroys any record of the key immediately upon entry.  The most vulnerable aspect of is the choice of keys and  key
       security.

EXAMPLES

       The following examples use KEY as the key to encrypt and decrypt files.	The first example encrypts the file naming the resulting encrypted
       file The second example decrypts the file naming the resulting decrypted file The third example prints the encrypted file in clear text.  $
       crypt KEY < plain.File > crypt.File $ crypt KEY < crypt.File > decrypt.File $ crypt KEY < crypt.File | pr

FILES

       for typed   key

RELATED INFORMATION

       ed(1), ex(1), vi(1), crypt(3), makekey(8) delim off

																	  crypt(1)
All times are GMT -4. The time now is 06:01 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy