Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
1
vote
1 answer

SFTP with data encryption at rest

Sorry for my ignorance, I am having a peculiar doubt in setting up an SFTP server, setup an SFTP server with password/keyfile for authentication. The SFTP user directory should be encrypted at rest. The SFTP client should able to access to view the…
Bidyut
  • 121
  • 3
1
vote
2 answers

Mailbox on-the-fly decryption (dovecot)

To avoid casual mailbox snooping for an IMAP server I am thinking of "transparent encryption" setup that would: Public key encrypt incoming messages at local delivery time Private key decrypt said messages at read time. (Here, the private key…
Alien Life Form
  • 2,309
  • 2
  • 21
  • 32
1
vote
0 answers

Self-signed secure boot initramfs and intel-ucode

I've set up a self-signed refind and linux kernel. The problem is that intel-ucode and initramfs resides on /boot, which is an unencrypted fat32 ESP filesytem - UEFI specific. How can I secure my initramfs and intel-ucode? One option is to make the…
dzervas
  • 343
  • 1
  • 2
  • 7
1
vote
2 answers

Does Mediawiki encrypt logins by default as the browser sends them to the server?

Several searches only turned up questions about encrypting login info on the server side. Does Mediawiki encrypt logins after you type them in the browser and send them? (to prevent a man-in-the-middle from reading them in transit and taking over an…
user1258361
  • 113
  • 4
1
vote
1 answer

Can a non-privileged user identify if Office 365 forces TLS encryption with a partner organization?

Exchange Online uses opportunistic TLS which works as follows: By default, Exchange Online always uses opportunistic TLS. This means Exchange Online always tries to encrypt connections with the most secure version of TLS first, then works its way…
John Eisbrener
  • 113
  • 5
1
vote
1 answer

Windows Server 2008 R2 - Cryptographic Operators group issue

I have a problem similar to this question: Windows 7 “Cryptographic Operators”. I am attempting to add a cryptographic rule. When I get to the step to set the cryptographic algorithms I get an "Access is Denied" message stating I need to be a…
user4616559
  • 11
  • 3
1
vote
2 answers

Status of reversible encryption password

Is there an easy way to check Windows 2008R2 DC user accounts for a flag or keying material that shows that an account currently has a reversible password stored? I'm aware of DSInternals but I'm not looking to decrypt the passwords. I've looked…
melds
  • 231
  • 2
  • 9
1
vote
0 answers

Dovecot Mailbox Encryption (Scrambler) - pem_lib.c fails to handle key

In addition to following post, Dovecot ran into problems while reading the public key from the DB: Error: scrambler_pem_read_public_key: 139640300201616:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:696:Expecting: PUBLIC…
Linz
  • 13
  • 3
1
vote
1 answer

Unable to mount borg backup repository residing on a ZFS snapshot

I've posted the question and my own solution to this problem, to make it available to others. This relates to borg backup and was posted to this borg github issue: Allow check on read-only filesystems Trying to access a remote borg repository for…
zoot
  • 257
  • 1
  • 3
  • 13
1
vote
1 answer

Postgres Data Encryption Using LUKS with dm-crypt

We have encrypted volume using LUKS. cryptsetup luksOpen /root/test1 volume1 and mounted on mount /dev/mapper/volume1 /mnt/files We created postgres data directory inside /mnt/files and able to start the postgres…
user50442
  • 241
  • 1
  • 2
  • 5
1
vote
1 answer

Pure-ftpd with MySQL - Crypt() not logging me in with hashed passwords

I am using pure-ftpd with mysql to auth users. Here is my mysql.conf MYSQLServer localhost MYSQLPort 3306 MYSQLSocket /var/run/mysqld/mysqld.sock MYSQLUser user MYSQLPassword pwd MYSQLDatabase my_db MYSQLCrypt …
ServerSideSkittles
  • 57
  • 9
1
vote
2 answers

Encrypting guest VM ESXI 6.5 with Bitlocker

Hi we're devs playing around with ESXI on some old R710s. For our dev enviromnment it will be fine. The R710 have a TPM. I tried encrypting the VM with Bitlocker but it couldn't see the TPM. I assume ESXI can't see it. I was thinking of perhaps…
user1102550
  • 189
  • 1
  • 6
1
vote
0 answers

GRUB "USB lock" for Linux Full Disk Encryption

Hy everyone. I'm investigating the possibility of using something like USB hardware locking dongles (like these ones used for software locking and licensing) to provide the key that Grub asks for when booting a linux server with full disk…
André Maricato
  • 11
  • 1
1
vote
1 answer

Legacy SSH clients on internal networks

I have a couple of legacy SSH clients on my internal network (think 2000's era Macintoshes and the like) that are wholly incompatible with newer ciphers and key algorithms used in modern SSH implementations. Getting these clients to work required…
Mikey T.K.
  • 1,417
  • 2
  • 16
  • 29
1
vote
1 answer

Why does SQLclient still allow encrypted connection with revoked cert?

We are implementing SQL 2014 encrypted connections in the near future. I want to do my due diligence and confirm the cert validation process. I also want to use the trustservercertificate=false option. I want all connections to actually use cert…
user393394
  • 11
  • 3
1 2 3
51 52