Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Client Password based data encryption.

2012-02-16 15:11:12
Subject: Re: [Bacula-users] Client Password based data encryption.
From: Thomas Mueller <thomas AT chaschperli DOT ch>
To: Wassim Zaarour <wassim.zaarour AT navlink DOT com>
Date: Thu, 16 Feb 2012 13:13:39 +0100 
On 16.02.2012 12:32, Wassim Zaarour wrote:
> What I was thinking is of a way maybe to have some password based
> encryption, where only the users know his password but I didn't find any
> solution that can work like this.
> I guess for now we have to settle that the IT admin. Or the Sys admin have
> access to the encrypted data.

as you describe it, its not possible. Even if it was supported, how 
would it be encrypted on the client without the sys admins knowing the 
password?

i've tested the other method with removing the private key from "PKI 
Keypair" but it fails with "Failed to load private key for File daemon".

- Thomas



>
>
>
> On 2/16/12 12:01 PM, "Thomas Mueller"<thomas AT chaschperli DOT ch>  wrote:
>
>> Am Wed, 15 Feb 2012 11:07:40 +0200 schrieb Wassim Zaarour:
>>
>>> Hello,
>>>
>>> Currently the data encryption option in Bacula is based on certificates,
>>> meaning that if the person creating the certificates for the client
>>> keeps his copy of the certs, he is able to restore and decrypt the data
>>> without the users approval, since some people want their data
>>> undecryptable by absolutely anyone but them, I was wondering if there is
>>> a way to encrypt data using a password that only the client knows, or of
>>> there any ideas how to achieve this.
>>>
>>
>> let the user himself create the encryption cert and try to use only the
>> public-key in the sd.
>>
>> In theory encryption does just need the public-key. Encrypting needs the
>> private key. but I don't know if it is possible to provide only the
>> public key to bacula-sd.
>>
>> - Thomas


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Client Password based data encryption., Thomas Mueller
Next by Date:  Re: [Bacula-users] Space reclamation, Thomas Mueller
Previous by Thread:  Re: [Bacula-users] Client Password based data encryption., Wassim Zaarour
Next by Thread:  [Bacula-users] Running a job from the client., Wassim Zaarour
Indexes:  [Date] [Thread] [Top] [All Lists]