all, I've been looking into a secure way of accessing a remote loopback encrypted partition securely via openssh. The basic idea I have currently is that a file/partition is connected to /dev/loop0 on a remote server, which I have an ssh connection to. I hold the key (for cryptsetup via dm_crypt) on the local client. I'd like to mirror the loop device of the server on the client. Once that is done, I would run cryptsetup with the key on the client and mount as normal. The end application would be for remote secure backup (rsync?) of a second encrypted volume on the client. It is assumed that the remote server is untrusted, hence, not running cryptsetup/dm_crypt on the server. So far, I've looked at Rex/sfs [1], pseudo-tty programming, and a little of unix domain sockets. I'm more familiar with network socket programming, though. My main holdup right now is my lack of familiarity with openssh internals. If someone could point to the right section of the src tree, perhaps with a nudge towards how to do this securely, it would greatly appreciated. tia, Jason. *** PDF download *** [1] - http://pdos.csail.mit.edu/papers/sfs:rextr03/MIT-LCS-TR-884.pdf
Jefferson Ogata wrote:> On 2006-12-01 17:35, Jason wrote: >> So far, I've looked at Rex/sfs [1], pseudo-tty programming, and a little >> of unix domain sockets. I'm more familiar with network socket >> programming, though. My main holdup right now is my lack of familiarity >> with openssh internals. If someone could point to the right section of >> the src tree, perhaps with a nudge towards how to do this securely, it >> would greatly appreciated. > > Take a look at drbd.Thanks, I hadn't stumbled across that yet. There is only one small problem with it, which I failed to mention in my initial mail. I can't assume I have root access to the remote machine. I might be able to get an 'sudo losetup ...' approved, but most likely I'll need to mirror the file descriptor of the file container over the ssh connection. Currently, for proof of concept, I have root access on the server, but I may not in the final implementation.> Really, if the crypto of the underlying fs is secure, you shouldn't need > to mirror over ssh; plain rsync (or drbd) mirroring, should be secure.I would prefer to use ssh, as that is the only incoming connection I allow from the internet :) the remote server could be on the other side of the world, depending on my travels. tia, Jason.
Circa 2006-12-01 12:35 dixit Jason:
: all,
:
: I've been looking into a secure way of accessing a remote loopback
: encrypted partition securely via openssh.
:
: The basic idea I have currently is that a file/partition is connected to
: /dev/loop0 on a remote server, which I have an ssh connection to. I
: hold the key (for cryptsetup via dm_crypt) on the local client. I'd
: like to mirror the loop device of the server on the client. Once that
: is done, I would run cryptsetup with the key on the client and mount as
: normal.
This sounds like you'll need unix domain sockets. The following may be
of help:
http://bugzilla.mindrot.org/show_bug.cgi?id=1256
: The end application would be for remote secure backup (rsync?) of a
: second encrypted volume on the client. It is assumed that the remote
: server is untrusted, hence, not running cryptsetup/dm_crypt on the server.
:
: So far, I've looked at Rex/sfs [1], pseudo-tty programming, and a little
: of unix domain sockets. I'm more familiar with network socket
: programming, though. My main holdup right now is my lack of familiarity
: with openssh internals. If someone could point to the right section of
: the src tree, perhaps with a nudge towards how to do this securely, it
: would greatly appreciated.
--
jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/
(GnuPG key ID: 6F39C2CC >>>>>>
http://www.pobox.com/~jmknoble/keys/ )
(GnuPG fingerprint: 5024:D578:7CF4:5660:7269::F6F3:B919:9307:6F39:C2CC)
+----------------------------------------------------------------------+
|[L]iberty, as we all know, cannot flourish in a country that is perma-|
| nently on a war footing, or even a near-war footing. --Aldous Huxley|
+----------------------------------------------------------------------+
Apparently Analagous Threads
- Encrypting tmp swap and home
- CentOS 6 and luksOpen
- Re: [PATCH common v2 4/4] options: Ignore errors from guestfs_luks_uuid.
- Re: [PATCH common v2 4/4] options: Ignore errors from guestfs_luks_uuid.
- Re: [PATCH v2 1/7] New APIs: cryptsetup-open and cryptsetup-close.