Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
3
votes
1 answer

How to setup an encrypted L2-Tunnel using MikroTik Routers?

What I would like to achieve I want to securely spread an existing internal subnet over multiple buildings. That means that I have two locations with virtual machines that need to be within the same subnet. The idea is that the virtual machines…
SDwarfs
  • 385
  • 4
  • 18
3
votes
2 answers

Are Windows internal CA-issued certificates compatible with Mac clients?

I am looking into deploying an internal CA to replace the GlobalSign certificates we use for our internal email encryption: Internal CA would be set up using ADCS in a two-tier hierarchy, no other software i.e OpenSSL The clients that it will be…
Greg
3
votes
1 answer

Determining encryption container name corresponding to machine key in %ProgramData%\Microsoft\Crypto\RSA\MachineKeys

On Windows, encryption machine keys are stored in: %ProgramData%\Microsoft\Crypto\RSA\MachineKeys How do I determine the corresponding container name for each key? I'm guessing this vagueness is by design--"security by obscurity"?
stephen_liu
  • 131
  • 4
3
votes
0 answers

Anubis as GPG proxy

I'm trying to setup GNU Anubis to act as a sort of proxy to sign/encrypt emails coming from a service. The service is currently configured to send email using our SMTP server. The idea would be to point the service to Anubis and then point Anubis to…
mikeazo
  • 149
  • 4
3
votes
2 answers

Mounting encrypted Samba share (linux server/client)

I'm trying to set up encrypted samba access. In order to achieve that I've added 2 lines to [global] scope in smb.conf: server signing = mandatory smb encrypt = mandatory But unfortunately I can't mount samba shares now anywhere. I've tried with…
Lapsio
  • 363
  • 1
  • 5
  • 15
3
votes
2 answers

Encrypting a file name in linux?

I'm trying to encrypt a file as well as its filename. Encrypting the file is fairly easy, I use gpg for that, but I can't figure out how to encrypt the filename as well. Would be great if the filename could be encrypted using the same key. Any idea…
Weekender
  • 31
  • 3
3
votes
1 answer

Bitlocker device name change

When imaging our PCs we generally create a temp name for our facilities to change the device name to whatever particular department fits their needs. The issue is we can't send out any devices without encryption, we happen to use Bitlocker…
Batman667
  • 31
  • 4
3
votes
1 answer

LUKS full disk encryption use keyfile instead of passphrase

I have enabled LUKS full disk encryption on an LVM volume while installing centos6.6, however it asks for a passphrase every time the OS is rebooted. I am now trying to use a key file according to this post. Unfortunately it does not work...and…
krisdigitx
  • 629
  • 3
  • 18
  • 30
3
votes
2 answers

Determining if an SSL cert is affected by SHA-1 phase-out

Google chrome will start to warn users that their SSL connection is insecure under the following conditions: The cert uses the SHA1 hashing algorithm, and The cert expires on or after 2016-01-01 (or 2017-01-01 by different sources) Therefore I am…
dotancohen
  • 2,590
  • 2
  • 25
  • 39
3
votes
2 answers

Should Carrier Ethernet traffic be encrypted?

I'm looking for a best practice answer. We have a 100Mb point to point Carrier Ethernet circuit between a corporate office and an offsite data center. Basically we have SQL traffic replicating to the data center. It is mostly customer information…
Jason K
  • 33
  • 2
3
votes
3 answers

Bitlocker drive encryption on AWS Windows instance

I'm trying to figure out how best to protect the data of a single Windows Server 2012 instance on AWS and according to "AWS_Securing_Data_at_Rest_with_Encryption.pdf" it says: "Encrypting Amazon EBS volumes attached to Windows instances can be …
joshu
  • 791
  • 3
  • 12
  • 28
3
votes
2 answers

Using our own certificate authority for business email encryption

I've read the available similar questions on serverfault but I haven't quite found a definite answer to the security aspect of it - hence here's my question: I'm administrator of an office working with tax data and we want to start using…
LumenAlbum
  • 527
  • 2
  • 5
  • 15
3
votes
1 answer

Automounting encrypted filesystem (using random key), residing in regular file under CentOS 6.*

Task: in CentOS 6.x system, set up and mount automatically encrypted filesystem, residing within a regular file, using one-time (random) key. /etc/crypttab in CentOS 6.* doesn't allow using plain file as block device to mount and map…
Konstantin Boyandin
  • 283
  • 2
  • 5
  • 16
3
votes
1 answer

Remotely unlock Hardware disk encryption

I am setting up a remote server at a collocation for a client and their primary request is that the data be encrypted beyond the boot partition. The main system will be in a dm-crypt LUKS container on the main drive, but since the kernel could be…
ACiD GRiM
  • 123
  • 1
  • 7
3
votes
1 answer

IPSEC AES key length in kernel 3.9.3

I have a working ipsec-tools configuration which uses aes-ctr encryption with 224-bit key (192bit for key+32bit for nonce). Everything works well on 3.2.0 kernel. Here's what man setkey says about the key length: aes-ctr 160/224/288 …
Sandman4
  • 4,077
  • 2
  • 21
  • 27
1 2 3
51 52