Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
1
vote
1 answer

Can I pre-install a decryption key?

I am wondering if it is at all possible to add a decryption key to a user on a server. Basically - I want to encrypt a lot of files to avoid information leakage from a potential attack. However, entering the decryption key may be exhausting to the…
Noroz
  • 11
  • 1
1
vote
0 answers

EJBCA Response Envelope encryption - DES algorithm phase out for iOS devices

As per Apple WWDC this year, DES encryption algorithm will be phased out soon. I noticed that DES is the hard coded encryption algorithm in ScepResponseMessage.java in EJBCA's code. CMSEnvelopedData ed = edGen.generate(new…
Test Cloud
  • 11
  • 1
1
vote
0 answers

How does bitlocker drive encryption recognize and accept system changes?

I'm relatively new to bitlocker drive encryption, although I do have a decent understanding of how it works. My question here is that, if I have a system that has bitlocker drive encryption enabled and I wanted to make hardware/BIOS changes I would…
kyldu
  • 23
  • 1
  • 4
1
vote
1 answer

Can't read old UFS1 superblock using GELI (Blowfish-CBC) on FreeBSD

Trying to add encrypted partition on FreeBSD10.3 GELI/Blowfish-CBC. AES on / and /swap works fine, but I can't add an additional encrypted partition using Blowfish. Here is the way I did it: # mount -o exec /dev/da2p1 /mnt/storekey # gpart create -s…
A_buddy
  • 35
  • 2
  • 11
1
vote
2 answers

Securing Mail From Admins - Office 365

I'm trying to determine the best solution that allows me to assure our CEO that his Office 365 mailbox cannot be read by anyone, including myself, an admin. Obviously the mailbox is already locked down for his access only, but I could grant myself…
Tony Blunt
  • 167
  • 5
  • 14
1
vote
0 answers

What is the correct way to secure a user directory with EFS not in a domain network?

Logged in as an administrator on a Windows 10 machine. cipher /E /A /S:C:\Users\MYUSER or cipher /E C:\Users\MYUSER I've read and been told that the bottom one is the correct way. End result: Encrypt all the files and ensure new and copied files…
user3287817
  • 11
  • 1
1
vote
1 answer

Cannot re-image laptop after drive encryption has been enabled

We are using HP laptops, and on them there is a software suite called HP Protect Tools. Part of this package of tools is "drive encryption." Since we are dealing with confidential information we enable drive encryption. It takes about two hours to…
jherlitz
  • 1,058
  • 1
  • 18
  • 25
1
vote
2 answers

How do I configure an e-mail service to provide (close to) zero-knowledge?

DISCLAIMER – I'm fishing for ideas, so I can see that some people will start downvoting and flagging this as unsuitable for SF, but hey, if you know of a better place to ask this question, there is a comment box down there, don't just hide behind…
Morpheu5
  • 259
  • 4
  • 18
1
vote
1 answer

Remote Entry of PRE-BOOTDrive Encryption Key

I have a client with approximately 30 machines in a domain and each machine has Endpoint Encryption requiring a key to be entered at the machine keyboard each time the system is rebooted. These are Windows 7 Professional, Windows 8.1 and a few…
Charles Mills
  • 111
  • 2
1
vote
1 answer

How to disable 112 bits cipher suite in ssl of a java server

How to disable 112 bit cipher suite on java application server. Specifically these one.…
jgm
  • 121
  • 1
  • 3
1
vote
0 answers

Fetchmail and Procmail set up with TLS

I'll start by saying I'm pretty uninformed when it comes to mail protocols, encryption, and basically everything else relevant to this question. My goal is to set up fetchmail/procmail on a machine to poll my exchange email and forward it to gmail…
TimmyJ
  • 111
  • 2
1
vote
1 answer

Dovecot: increase ssl_dh_parameters_length

I'm using Dovecot 2.2.21 I set ssl_dh_parameters_length = 4096. Before that, I had set 2048. After the change I reloaded Dovecot. Since then, SSL doesn't work any more and I get these logs in/var/log/dovecot.err: Jan 10 17:03:41 mail dovecot:…
basbebe
  • 313
  • 2
  • 16
1
vote
0 answers

VPN connection drops when using encryption

I have set up VPN server on Windows Server 2012 If I use encryption to connect to the VPN server the connection would drop after 20min, If I dont use encryption the coonection stays fine. The client PC is Windows 7.
jovcem
  • 23
  • 1
  • 3
1
vote
0 answers

Web encryption on uncontrolled LAN

I have a situation in which I wish to produce (physical hardware) widgets that plug into a LAN and act as a web server, serving content to web clients that are also on the LAN. The traffic from the widgets to the client should be encrypted, but…
Henry Gomersall
  • 111
  • 1
1
vote
1 answer

How to enable LDAP over SSL/TLS in AD without installing AD Certificate Services

I am installing a Sonicwall firewall into my organization. I've connected the Sonicwall with the Active Directory domain, however now on the status page of the appliance there is a huge warning: WARNING: LDAP is being used without TLS - this is…
Spirit
  • 1,154
  • 8
  • 25
  • 45
1 2 3
51 52