are ecryptfs folders secure from root / local user?
I have a backup server configuration using Ubuntu 10.04LTS, not presently using ecryptfs. Multiple users can make backups to this server (i.e. to their /home folder). Although users cannot see one another's data, the administrator of the server can easily get to see all the data. I want a solution in which the administrator has no way of reading the user's private data, still allowing the user to put the data there (using [rdiff-backup over] ssh, with key-pair authentication) and allowing the user to recover data similarly via ssh.
I am not clear if ecryptfs offers a really secure solution for this, for instance one that could be used for a public backup server, or in any organisation which does not want the techie to see all the corporate secrets!
So I need the user to be able to access their private folder via ssh in an automated way (using their key-pair), both for read and write, but anyone without the private key - including the administrator and any local user of the server - must be unable to read the underlying data in this private folder in any circumstances.
Can ecryptfs offer this? Thanks for your reply!
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- eCryptfs Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Ted_Smith
- Solved:
- Last query:
- Last reply: