Re: [qubes-users] Re: Idea for (resonable secure) cloud-storage usage with Qubes
Hey, Dnia Saturday, October 21, 2017 9:48:56 AM CET [799] pisze: > Regarding my specific use case I would like to synchronize the data to keep > a copy at another location. Using LUKS images can cause a problem depending > on the transfer mechanism, as I need to use a mechanism which will only > transfer the qctual changed blocks not the whole image. As such I'd like to > use an encryption which works with file based encryption - knowing that > this has reduced security as metadata etc. can be used to attack the > encryption. But that's also what we're doing with LUKS+SSHFS. The LUKS volume is cryptsetup luksOpened and mounted on the *client*, not on the (SSH) *server*, meaning the (SSH) server only has access to encrypted data. Then we're doing regular file-based operations, like rsync or whatnot. Only modified bytes of the LUKS image seem to be actually transferred. We're not transferring the whole images back and forth. That would defeat the purpose. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2086835.dST5jOF2SY%40lapuntu. For more options, visit https://groups.google.com/d/optout. signature.asc Description: This is a digitally signed message part.
Re: [qubes-users] Re: Idea for (resonable secure) cloud-storage usage with Qubes
Hello rysiek, > For what it's worth, we're using (not with Qubes, just generally) a system of > LUKS volumes in large (hundreds of GiB) files on SSHFS-mounted volumes (for > backups), and we're quite happy with that set-up. thanks for the info, good to know that sshfs seems to work on a daily basis. I have migrated from NFS to SSHFS already. I'm using certificates for additional security and have restricted firewall rules so that only transfer between both VMs TC/port 22 is allowed. Seems like a solution that is ok, even when I'll not out the "save-the-world-formula" there (as encfs seems to be the weakest link in my setup). Regarding my specific use case I would like to synchronize the data to keep a copy at another location. Using LUKS images can cause a problem depending on the transfer mechanism, as I need to use a mechanism which will only transfer the qctual changed blocks not the whole image. As such I'd like to use an encryption which works with file based encryption - knowing that this has reduced security as metadata etc. can be used to attack the encryption. See my other mail, how my solution with SSHFS looks like. [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/V0dpX3W2EbJzCW_ZRiDmER_jVJ-scQxwql22ImWdVFpJItIIybF4bQri6R77rIDUGRTaAiUNcdg9sF1nIbKQ7lCir8vTDxmTmsjVNEuj2FI%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
AW: [qubes-users] Re: Idea for (resonable secure) cloud-storage usage with Qubes
Hello Ron, Thank you for the feedback. > Have you considered using SSHFS rather than > NFS? I'm no security expert, but it would > seem to me to be more secure than NFS. Actually yes, I thought about it after other mentioned that enabling NFS would offer another attack window. Even when I am unsure as I have but some encryption and firewall restrictions in place. The Access VM is the only one connected to the internet and the NFS Storage VM. The other AppVMs who will connect to the storage VM don't have an online connection. >From my understanding an attacker must come through the Access VM and >then attack the Storage VM. Unfortunately I don't how those attacks take place and how much time is necessary. It could be possible to launch the access VM only periodically just to sync the data. Keep in mind, that all data is encrypted from the view of the access+transfer VM. I'd like to setup firewall rules, which will only allow traffic from the access+transfer VM to the cloud storage provider, but this need some further investigation. As far as I understand Qubes Firewall GUI will not work with domain names but with IPs. Regarding sshfs I will give it a try, as ssh is used to connect remotly I am (reasonable) sure that it has less attack possibilities than NFS. Even when enabling inter-VM networking I feel more secure when I can keep my data encrypted+synced and have the data access separated in different VMs. [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/_HKrGSpPkv_IGVU_nDSatjZ4QDQ6hwh-gT4QSoB4PQBtS3JIYwjXXpKVyGXELcaiaBLgo1y39vRZtqjP9gQYalHxJ0pLn2IHdrDe088ZrDQ%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.