Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
23
votes
4 answers

Are encrypted backups a good idea?

I'm in charge of a small set of laptops and wanted to get some sort of automated remote (over WAN) backups going; the backups would be going to a RAID drive. Because we don't really have a secure vault to hold all our drives (if someone wanted, they…
encryptbackup
  • 233
  • 1
  • 4
22
votes
1 answer

How does the ssh-keygen .pub format work with .pem files?

The ssh-keygen command generates .pub files which it describes as "public key files", but they are a totally different format to most "public key files" I've usually seen, which are in PEM format. The ssh-keygen-style files look like this: ssh-rsa…
Jez
  • 1,393
  • 2
  • 12
  • 24
22
votes
3 answers

How to disable swap files in ESXi?

We are running a few Solaris / Linux VMs on ESXi that contain very sensitive encrypted data that eventually get decrypted as required in memory. Everything is fine, except for the ESXi swap files which could potentially store some of the decrypted…
Marius Burz
  • 331
  • 1
  • 2
  • 6
22
votes
3 answers

Can I create my own S/MIME certificate for email encryption?

I'm having a bit of an issue here. Bear with me as this may be a case of "not asking the right question". Background: Using Apple Mail. Want to encrypt/decrypt email but GPGMail (and apparently PGP) isn't supported with Snow Leopard. Basically I…
humble_coder
  • 533
  • 2
  • 6
  • 14
21
votes
3 answers

Is it possible to have a 100% secure virtual private server?

I am curious if it is possible to have a VPS that has data on it that is not readable by the hosting provider, but is still usable on the VPS. Obviously there are some things that you could do to prevent them from reading anything... You could…
Mike
  • 425
  • 1
  • 4
  • 11
21
votes
6 answers

How can I see what version of SSL a web server is currently using?

I believe I have disabled SSL 2.0 on my web server (Windows Server 2003). To make sure that it is now using SSL 3.0, how can I check this? What is the correct way to disable 2.0 and enable 3.0 on a web server?
wahle509
  • 333
  • 1
  • 2
  • 8
20
votes
3 answers

SSL Certificate Class 2 vs Class 3 vs Class 4

I just got a "Premium EV SSL Certificate" form GoDaddy.com. Apparently as of 8 months ago GoDaddy doesn't provide Class 3 Certificates. (http://support.godaddy.com/groups/go-daddy-customers/forum/topic/what-class-is-my-cert/) They also metntioned…
jneff
  • 235
  • 1
  • 3
  • 7
18
votes
5 answers

Encrypted Remote Backups via Rsync?

I run a small modest CentOS server at my house for misc backups, etc. My friend on the other side of town also runs a small modest server at his house for similar purposes. We have been toying with the idea of using eachothers servers to do…
Jake Wilson
  • 8,814
  • 29
  • 97
  • 125
17
votes
1 answer

Creating a grow-on-demand encrypted volume with LUKS

I am trying to create an encrypted, growing-as-needed file system in with Linux. I am familiar with LUKS and cryptsetup. I can create an empty file: fallocate -l 512M /root/image I can create a LUKS container on it: cryptsetup -y luksFormat…
Merc
  • 789
  • 1
  • 6
  • 16
17
votes
5 answers

Encrypted offsite backups - where to store the encryption key?

In addition to regular onsite backups (kept in a fire resistant safe), we also send tapes offsite once a month, encrypted with AES. So if our site is one day vaporised by an alien heat ray, we should at least have one recent backup to recover…
Todd Owen
  • 301
  • 3
  • 8
17
votes
7 answers

Easiest way to send encrypted email?

To comply with Massachusetts's new personal information protection law, my company needs to (among other things) ensure that anytime personal information is sent via email, it's encrypted. What is the easiest way to do this? Basically, I'm looking…
johnnyb10
  • 655
  • 4
  • 13
  • 28
16
votes
3 answers

Tape encryption management & best practices

I want to enable encryption on all of my backup tapes. I more-or-less know how to do this technically, but the procedural and human elements of implementing this are tricky. I use HP LTO4 drives with bacula, which doesn't have any key-management…
lukecyca
  • 2,205
  • 13
  • 20
16
votes
2 answers

Encrypting SMB traffic with Samba

We use Samba on Ubuntu 14.04 LTS as a PDC (primary domain controller) with roaming profiles. Everything works fine, except for if we try to enforce encryption via setting: server signing = mandatory smb encrypt = mandatory in the [global]…
Kai Petzke
  • 408
  • 1
  • 4
  • 10
15
votes
2 answers

Why don't Active Directory user accounts automatically support Kerberos AES authentication?

I'm playing around with a test domain on Windows Server 2012 R2. I'm operating at the highest possible functional level and have no backwards-compatibility issues in my small test environment. However, I've realized that despite the fact that I have…
Reid Rankin
  • 323
  • 1
  • 2
  • 7
15
votes
1 answer

Resizing a LUKS encrypted volume

I have a 500GiB ext4 filesystem on top of LUKS on top of an LVM LV. I want to resize the LV to 100GiB. I know how to resize ext4 on top of an LVM LV, but how do I deal with the LUKS volume? mgorven@moab:~% sudo lvdisplay /dev/moab/backup ---…
mgorven
  • 30,615
  • 7
  • 79
  • 122
1
2
3
51 52