Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
4
votes
3 answers

How would you manage keys with TrueCrypt in a business enviroment?

What would be some of the best options for implementing TrueCrypt on all external devices so if any are lost or stolen that the data is not readable to another person but could be managed in a way that users wouldn't accidentally forget their entire…
Chris Marisic
  • 1,424
  • 8
  • 33
  • 51
4
votes
0 answers

Is there a way to create a PEM file using PowerShell and only PowerShell?

I'm looking for a way to create an AES-128 key in PEM format (Base64 encoded text file) using PowerShell. All the examples I can find assume the user has OpenSSL installed. The equivalent OpenSSL command would be: openssl genrsa -aes128 -out…
Mike Christensen
  • 965
  • 1
  • 11
  • 21
4
votes
2 answers

Are LTO Hardware compression and encryption standardized?

I'm about to setup a backup using an LTO-4 Drive. I know that drives are meant to be compatible to any tape within the past 3 generations (so I should be able to read an LTO-4 tape using an LTO-4, 5 or 6 drive). I wonder if this also applies to…
Michael Stum
  • 4,050
  • 4
  • 36
  • 50
4
votes
2 answers

Asymmetrically encrypted filesystem

I'm dealing with some data that's governed by specific regulations and that must be handled in a specific manner. I'm finding that this data ends up in some of my log files as a result of the system operating as intended. I'd like to find a way to…
Justin Thomas
  • 53
  • 3
4
votes
10 answers

How to protect against against data access if USB drive gets lost?

Using any external USB drive under Windows XP, how to encrypt/decrypt files on the fly, but without too much slow-down from the overhead. Most of the obvious solutions like Truecrypt won't work because with these the host system needs to have…
Rob Kam
  • 143
  • 1
  • 4
4
votes
1 answer

Encrypt disks using SED and store keys in TPM?

I'm buying servers lately and all of them have disks that support TCG Opal full-disk encryption (aka SED). What I'd like to do is: Store data encrypted-at-rest on the disks (NVMe & SAS). Not be required to enter a password/passphrase at server…
Evan
  • 307
  • 1
  • 4
  • 12
4
votes
4 answers

What could cause a 'sense error' when setting LTO encryption?

I'm trying to set an encryption key on an LTO-4 drive under Linux. I successfully did this once, power cycled the drive, and now I cannot get the drive to accept the key again. The command I am using is this: $ stenc -f /dev/nst0 -a 1 -e on -k…
Malvineous
  • 1,095
  • 11
  • 28
4
votes
1 answer

Exactly how does kickstart encrypt a partition?

Let's say for example I have this line in the pre section of my kickstart file: part / --asprimary --fstype="ext4" --size=10000 --encrypted --passphrase=pass1 Great, but, how does that work? Exactly how does "--encrypted" encrypt the partition?…
Everlight
  • 141
  • 1
  • 3
4
votes
1 answer

Does CloudFront support S3 signature version 4 for KMS encrypted objects?

I'm using Cloudfront with an S3 origin that is using KMS to encrypt objects. I'm getting the following error when sending a GET request for an object in the S3 bucket. Requests specifying Server Side Encryption with AWS KMS managed keys require AWS…
DJ Tarazona
  • 191
  • 2
  • 6
4
votes
2 answers

Is it possible to encrypt a virtual machine or container so the host is not able to read any of its data?

I'm wondering whether it would be theoretically possible for a cloud hosting provider to run an application for a customer where the customer doesn't trust the hosting provider with the data in the application. The customer would upload a virtual…
gesgsklw
  • 41
  • 2
4
votes
4 answers

OS-agnostic way to set permissions and encrypt files

A friend of mine is physician and shares his office with other physicians (they're all psychiatrists). They're looking for a not to pricey and secure way to share and store files (basically text-only notes and reports) on a server (preferentially…
Javier
  • 163
  • 1
  • 6
4
votes
1 answer

How to find mainboards that supports Self Encrypting Device (SED) in BIOS?

There should exist mainboards that support Self Encrypting Device (SED) in BIOS, so when connecting a SSD which have SED support, and SED have been enabled in the BIOS, it prompts on bootup for password. Searching for "mainboard sed support ssd…
Jasmine Lognnes
  • 2,520
  • 8
  • 33
  • 51
4
votes
1 answer

GPG Encryption: Am I using the right keys?

I have a process to encrypt a bank file using OpenPGP (via BouncyCastle) and SFTP the file to the bank for financial processing. They sent me a public key file, which I examined the key using the following command (results follow): C:\Program Files…
Jeremy Holovacs
  • 407
  • 1
  • 6
  • 22
4
votes
1 answer

What is the location of the SQL Server Fallback Certificate?

We are required to use encryption with SQL Server, so we have enabled ForceEncryption. According to the documentation, if a certificate is not provided, SQL Server will generate its own internal certificate to do the encrypting. We need to…
tresstylez
  • 378
  • 1
  • 4
  • 17
4
votes
3 answers

How secure is traffic between domain members?

I was just thinking about security in AD domain environment. I have a question: how secure is communication between domains by default (without implementing IPSec etc.) For example if I download a file from one domain computer to another domain…
ko4evneg
  • 234
  • 2
  • 10
1 2 3
51 52