1

We have a cloud server (AWS) running Ubuntu 8.04. All the employees (around 15 people) in the company have system accounts in the server and all are sudoers. We want to provide a way for all the users to store private data which should be password protected and not viewable by others using their root privileges. And there should be an easy mechanism for Windows (Vista/XP) users to copy data to/from the server (click/drag/copy/paste etc). Any solution guys?

-Geos

Geos
  • 143
  • 5

5 Answers

3

8.10 brought Encrypted Private Directories to Ubuntu...

user17727
  • 31
  • 1
1

You have two primary (and slightly conflicting) requirements:

  1. Encryption on a per-user, not per-system basis.
  2. Transparent operation from the user's point of view.

Are your users reasonably Linux-capable? I'd hope so if they have root privs...

You can't just create encrypted file systems with cryptoloop on the Ubuntu server, as soon as one user mounts it, every other user with root would be able to see the mount in its decrypted form.

One option is the commercial PGP product, and use PGP Net. Store the .pgd files on a samba share that is hosted on the Ubuntu server (I've done essentially the same but on a real Windows server share - works, but it's not multi-user). This is about as transparent as it gets - the user mounts the .pgd as a drive letter in Windows, then just uses it like any other network drive. I don't know that it will be terribly fast though, and you've still got the issue of how to securely allow Windows networking ports between your Windows machines and the server. You could VPN tunnel it (even with no encryption on the tunnel as I guess it's already encrypted), but that's going to be interesting unless you have a local box that can act as a VPN gateway - IPSec under Windows isn't pleasant to configure.

There's probably a time-limited trial for PGP Net I'd have thought, so it might be something you can try for just some time input.

One last (and not terribly pleasant) option I can think of might be to do something with a base Ubuntu server, and a lightweight virtualisation that will work on a server in AWS (Xen VMs I believe?), so that each user gets their own 'jailed' area and can mount their cryptoloop filesystem inside that, then either scp files in and out, or run Windows networking over IPSec or an ssh tunnel etc. I'm not entirely sure how well something like User Mode Linux would work in keeping each virtual session separate from others when users have root to the base machine - there's still some scope for tinkering via the base environment, but if your users don't trust each other to that degree, then they should be on their own VMs anyway!

0

I think what you want is ecryptfs - an encrypted file system supported by the linux kernel, and which is well integrated into Ubuntu, although the main integration went into versions of Ubuntu after 8.04.

For instructions for setting it up for Ubuntu 8.04, see this guide or this guide.

So this should meet your requirements with one or two caveats. When a user's private directory is not mounted, nobody will be able to see the files without knowing that user's passphrase. However, when the private directory is mounted, other users could change to be that user using sudo su username and could then read their files.

As to sharing with windows, the secret directory would have to be mounted by the user, and also be available as a network share over samba. I'm afraid I don't know how to set up samba so there are multiple shares and only one user can use each share, but if you ask on https://serverfault.com/ you should get some help for that. (And possibly this question belongs on serverfault).

Hamish Downer
  • 9,420
  • 6
  • 38
  • 51
  • "other users could change to be that user using `sudo su username`" - or they could just patch ecryptfs or `sshd` to write passwords to some dark corner. Things like that are very much based on trust. (also, it's `sudo -u username -i`) – user1686 Aug 20 '09 at 12:39
0

I've found a nice blog post on private data cloud. http://bigdatamatters.com/bigdatamatters/2009/09/private-cloud-eucalyptus.html

Hope it's helpful :)

0

You could look at encfs. It provides a way to mount a regular directory as an encrypted directory, something like:

encfs /path/enc-dir /path/clear-dir

After that, data read/written in /path/clear-dir is stored encrypted in /path/enc-dir. No need to use a specific partition. All data is stored in the regular ext3 partition.

However I have no idea how you could use a simple user interface. encfs is a shell command.

Yours, d.
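The caveat shared by the ecryptfs and encfs answers is that the data is only protected while the directory is unmounted; once a user mounts it, any sudoer on the box can read the clear view. As an added example (not code from any of the answers), this script parses /proc/mounts for `ecryptfs` and `fuse.encfs` entries so a user or admin can see whose private directory is currently exposed. It embeds a constructed /proc/mounts sample; the `owner_hint` heuristic (FUSE `user_id=` option, else the `/home/<user>` path segment) is an assumption for illustration.

```python
#!/usr/bin/env python3
"""List per-user encrypted directories that are currently mounted.

Added example, not from the thread. ecryptfs and encfs only protect data while
unmounted; a mounted directory is readable by anyone who can sudo to its owner.
"""
import re
import sys
from dataclasses import dataclass
from typing import List, Optional

# ecryptfs is an in-kernel stacked fs; encfs shows up as a FUSE subtype.
ENCRYPTED_FS_TYPES = {"ecryptfs", "fuse.encfs"}

# Constructed sample of /proc/mounts output (note the \040 escaped space).
SAMPLE_PROC_MOUNTS = """\
/dev/sda1 / ext3 rw,relatime,errors=remount-ro 0 0
/home/alice/.Private /home/alice/Private ecryptfs rw,ecryptfs_sig=0123456789abcdef 0 0
encfs /home/bob/clear\\040dir fuse.encfs rw,nosuid,nodev,user_id=1001,group_id=1001 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
"""

def _unescape(field: str) -> str:
    """/proc/mounts encodes space, tab, newline and backslash as \\NNN octal."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

@dataclass
class EncryptedMount:
    source: str
    mountpoint: str
    fstype: str
    options: str

    def owner_hint(self) -> Optional[str]:
        """Best-effort owner (assumed heuristic): FUSE user_id, else /home/<user>."""
        m = re.search(r"(?:^|,)user_id=(\d+)", self.options)
        if m:
            return "uid:" + m.group(1)
        parts = self.mountpoint.split("/")
        return parts[2] if len(parts) > 2 and parts[1] == "home" else None

def exposed_mounts(mounts_text: str) -> List[EncryptedMount]:
    """Return every mounted ecryptfs/encfs directory found in mounts_text."""
    found = []
    for line in mounts_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[2] in ENCRYPTED_FS_TYPES:
            found.append(EncryptedMount(_unescape(f[0]), _unescape(f[1]), f[2], f[3]))
    return found

if __name__ == "__main__":
    text = open("/proc/mounts").read() if "--live" in sys.argv else SAMPLE_PROC_MOUNTS
    for mnt in exposed_mounts(text):
        print(f"{mnt.mountpoint} ({mnt.fstype}) owner={mnt.owner_hint()}: readable while mounted")
```

Run it with `--live` on the server to read the real /proc/mounts instead of the embedded sample.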