Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
5
votes
3 answers

PKI keys per service or per server?

We all have a lot of internal services that need encryption and authentication to be provided by some sort of PKI. Do the security gains of using a different private/public key pair for each service justify the extra work entailed? Or is using a…
sh-beta
  • 6,838
  • 7
  • 47
  • 66
5
votes
3 answers

How can I cache a Subversion password on a server, without storing it in unencrypted form?

My Subversion server only provides access via HTTPS; support for svn+ssh has been dropped because we wanted to avoid creating system users on that machine just for SVN access. Now I'm trying to provide a way for users to cache their passwords for a…
Zilk
  • 351
  • 4
  • 9
5
votes
3 answers

how to prevent a user using private key after leaving organization?

In the enterprise environment, each user was issue a key pair for using to encrypting/signing. Since they have the private key, that mean they can decrypt any file that encrypt for them, even after leaving organization and their certificate was…
David
5
votes
1 answer

Encrypted LVM on RAID1 - Failure testing, manual mount

We have an Ubuntu 10.04 LTS server set up with LVM running on top of disk encryption, which runs on top of a RAID1 volume comprised of two physical SATA disks. The configuration looks like this: _______________ |swap| /…
nedm
  • 5,630
  • 5
  • 32
  • 52
5
votes
3 answers

When to use Truecrypt, and when not to?

I have about 30 (this number will most likely grow over the next few years to 50 or more) unencrypted laptops that I have been tasked to encrypt (entire drive). These machines will be used off site regularly by my users. These machines are running…
tm77
  • 63
  • 1
  • 4
5
votes
2 answers

SQL Server Column Level Encryption - Rotating Keys

We are thinking about using SQL Server Column (cell) Level Encryption for sensitive data. There should be no problem when we initially encryption the column, but we have requirements that every year the Encryption Key needs to change. It seems that…
Mike Barlow - BarDev
  • 516
  • 5
  • 8
5
votes
3 answers

What are recommended SSH key settings?

I was reading over the algoritms used in SSH and I'm trying to figure out which one is the current "recommended" or at least which target audience each is for. Should I make sure my SSH key is 1.0 compatible? Should I use 1024 bit or 2048? Is 2048…
Xeoncross
  • 4,449
  • 12
  • 43
  • 56
5
votes
1 answer

Subversion 1.6 + SASL : Only works with plaintext 'userPassword'?

I'm attempting to setup svnserve with SASL support on my Slackware 13.1 server and after some trial and error I'm able to get it to work with the configuration listed below: svnserve.conf [general] anon-access = read auth-access = write realm =…
SiegeX
  • 567
  • 1
  • 6
  • 16
5
votes
4 answers

Is it secure to encrypt my POST variables to md5 before sending them?

I have a simple login form where a user enters their username and password. When php receives the vars via POST, it encrypts the password to md5, then compares it with the database records. My question is: would it be more secure to encrypt the…
Mickwaffle
  • 51
  • 1
  • 2
5
votes
2 answers

Does Android version 2.2 locally encrypt Activesync messages?

I am a sysadmin for company X. They are interested in allowing ActiveSync access to devices that support local offline encryption of the downloaded attachments and email data. Considering how the iPhone encrypts local data, where you need to have a…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
5
votes
2 answers

File encryption solution for network share

We have recently received a few client contracts where all client files must be encrypted at all times. The challenge we are having is sharing encrypted files and simultaneous access on network shares. There are thousands of files which need to…
Brettski
  • 942
  • 3
  • 20
  • 31
5
votes
5 answers

Ubuntu 10.4 Full Disk Encryption

Is it possible to setup full disk encryption for Ubuntu 10.4 server? Either natively or with Truecrypt? Additionally, is this something that has to be done at the time of installing the OS, or can it be done afterwards?
NinjaCat
  • 576
  • 1
  • 9
  • 21
5
votes
5 answers

Sharing public key with ssh

Is it possible to somehow setup an ssh server that doesn't require a username,password or cert to login? If that's not possible, if I were to give all customers the same public key, would each connection be encrypted individually? (i.e. user A…
jtnire
  • 817
  • 2
  • 8
  • 16
5
votes
4 answers

Are there any FIPS-140-2 certified solutions for Linux?

I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of…
Mark Renouf
  • 1,373
  • 2
  • 16
  • 22
4
votes
0 answers

Bitlocker - mainboard exchange won't require recovery password - why?

A mainboard died. It was exchanged for the same board type (same bios and config, as well, also a new CPU but of the same type). The hard drive is encrypted with bitlocker (on Win10 Pro v1903) and I use an fTPM (Intel PTT) + PIN. I had expected to…
Hans Hase
  • 61
  • 2
1 2 3
51 52