I DON'T think you can use Windows EFS (encrypting file system) on a
samba share, since it isn't really an NTFS file system , even tho it
looks that way to a Windows client.
Why do you need it encrypted on the samba share? Wouldn't ACL's not
provide sufficient protection against unauthorized access or do you need
an extra layer of protection?
You could use a user level like Truecrypt to create an encrypted volume
which is stored on the file share. Windows clients can open the
truecrypt file as a Windows drive letter, but from the samba server
point of view it is just a file. Or you can use PGP/GPG or
various commercial tools to encrypt the data - but again this is all
being done at the user level. The file system it self is not providing
encryption.
Linux supports encrypted partitions- so if someone steals the
harddrive from the server, the data is protected. Samba would be
unaware of this. That doesn't provide protection from someone who
has access to the share when the computer is running- which is why you
would still use file permissions and share restrictions.
On 06/02/14 11:57, lp101 wrote:> Hello,
>
> Can someone please point me to documentation on encrypting a file
> share? Looking to have data created on a Windows workstation backed up
> and saved on a Samba file share across a WAN link. Currently using
> IPsec so I assume I'm good on the transport end? Thanks.
>