Ubuntu Security :: SkyDrive + Encryption - Safe Backup - ADrive's Uploader Is Not On Https
May 6, 2010
I'm trying to figure out how to use ADrive.com's 50 GB's or SkyDrive's 25 GB's of free storage to backup my computer automaticaly.
Problem's:
1. With ADrive I can select all my files at once through their website's uploader vs SkyDrive where you have to select them one by one. There are some third party programs, like Gladinet, which will mount sky drive to your computer like an extra drive, though I haven't found one for linux yet. This guy came up with a cool way to backup automagically with Windows: [URL] I am trying to figure out how to do the same thing with Linux.
2. ADrive's uploader is not on https, whereas SkyDrive is. Either way I wanted to encypt my files on my computer first so when I back them up, they are safe in case they should fall into the wrong hands, not that I don't trust Microsoft or whoever ADrive is with all my most precious documents, but I'd rather error on the side of safety.
View 1 Replies
ADVERTISEMENT
Jun 7, 2010
I would like a seamless way of having personal files encrypted (at this point I am only worried about the home directory) and synchronize these files between different computers and with an external hd.
So far my partial solution is:
1) Default Ubuntu eCryptfs solution;
2) Unison to synchronize between the upper layers of both computers via ssh (operating on the /home/$USER mounted by ecryptfs) and also between one computer and the external HD;
3) Don't know about the external hd.
Reasons:
- I don't want any pain about data loss or data leak if my hardware gets stolen;
- Data in /tmp, /var and swap are not that important for me right now;
- It is very important to synchronize fast, incrementally and properly: propagating deletions rather than reverting and detecting change-change/change-delete conflicts before miss-propagating changes, which as far as I know only Unison is good at;
- Even if I could set the same passphrase on both computers (I guess I can, but Ubuntu does not offer me to choose the ecryptfs passphrase) I want to see the true filenames that are being synchronized;
- If possible I would like to simplify the whole scheme so that each computer is doing its own job seamlessly, and operating on the upper decrypted layer looks simple and robust;
- I would like a more general and easy-to-use scheme for the external device, so other folks use it too;
- If possible I would like ext4 backups, so it remembers file permissions etc... however it would be nice to be able to open it from Windows.
Are (1) and (2) above really good solutions or am I missing something? What are the best solutions for (3)? So far I have seen cryptsetup/palimpset and truecrypt. The more native and floss the better, but being crossplatform is nice. What are the pros and cons, and what's their relation to FreeOTFE and other Windows tools?
View 4 Replies
View Related
Jul 17, 2011
Is it possible to provide encryption over HTTPS without a certificate?
I can't afford a certificate from a CA, but I do want to provide encryption with my website... without a self-signed certificate because I hate that screen popping up on the clients computer on first visits.
View 4 Replies
View Related
Jun 7, 2011
I am not very security minded...I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side!When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mailnly user name & passwords) that will also accomodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with.So here goes:
1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?
2) I have seahorse (default intall with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillon passwords I use daily. The other tabs are for keys which I don't have any concept of.
3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?
4)I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?
5)give me links to fairly current documentation on this stuff?
6) Any program/app recommendations.Pros/cons uses, what they can & can't do or be used for, etc.
View 9 Replies
View Related
Oct 28, 2010
What is the current status of HTTPS Everywhere add-on for FF? I understand it was previously compatible, but it is not now (I am running 3.6.11 on LL). This article on firesheep has me a bit freaked.
View 1 Replies
View Related
Dec 23, 2010
I am building an active directory and using BIND9 as my DNS. To allow for secure dynamic updates from the domain, I am enabling GSS-TSIG as detailed here and here. Unfortunately, some of the commands and configurations used here seem to be depreciated, at least in the newer versions that I'm using. My issue is one of keytab encryption. I generated a keytab using ktpass.exe on the Windows Server 2008 domain controller. I have tried DES/MD5, AES128/SHA1 and AES256/SHA1, each have been turned down by ktutil on the kerberos server (FreeBSD). Each time, it outputs the following error: ktutil: AES256/SHA1*: encryption type AES256/SHA1* not supported *Respective to encryption used.
I cannot find a list of suitable encryption schemes that ktutil will accept. The FreeBSD handbook details a means of producing a keytab file, but I'm not sure how to configure the Domain Controller to use the keytab.
View 1 Replies
View Related
Jun 17, 2011
I want block https sites if suppose block the http it will opening in https.
View 9 Replies
View Related
Jul 16, 2011
I have tried to configure my iptables to allow only HTTPS connections to the internet. Unfortunately, I didn't get that to work. I configured it like this:
Quote:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -t filter -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -t filter -p udp --dport 53 -j ACCEPT
[Code]....
Of course I am only trying to access websites via HTTPS Still, I was wondering if HTTPS somehow under the hood requires the HTTP port to be open or if my rules are in some other way wrong.
ps: I got the rules from that website: [URL]
View 9 Replies
View Related
May 12, 2010
I have an ssh tunnel with my ubuntu (vps) server. On my local computer I have proxifier, to redirect everything with socks5.
Everything works fine, I can browse websites and that. Email also works.
But when I want to visit a website that uses https it doesn't work. I do not get to see the website, or receive an internal server error.
View 7 Replies
View Related
Mar 27, 2011
Is there a plugin or some other way to check to see if a website has https available, and use that instead? I know some sites, like Wikipedia have a different hostname for SSL support while others have the same hostname, just What I would really like to seesome kind of header in the http reply or the html that saysSecureAvailable= is there any system like this in place? There's too many issues with with unencrypted http to continue having that as the default.
View 3 Replies
View Related
Aug 17, 2010
I have just installed SSL certificate for my private domain (it runs on a private ip in a local network). I got the trial SSL from thawte. I have successfully installed the certificate.
View 1 Replies
View Related
Nov 5, 2010
My Problem is: I want to stop gmail access without blocking https. Yes in my squid proxy normal http://gmail.com is not accessible. But gmail recently started https service by which user can still get access to gmail. I DONT WANT TO STOP https CAUSE ITS BEING USING BY MY COMPANY GOOGLE MAIL PROGRAM.
View 2 Replies
View Related
Jun 19, 2010
When connecting to an unknown unsecured wireless network, is it possible for someone to capture a header and resend it even if it's over https? For example I login on an ipod or on a computer and connect to a server through https and password auth. Although anyone monitoring the transmission could not get hold of my password since it's encrypted, could they just capture the header and resend it 5mins later to logon again without even knowing the password?
View 13 Replies
View Related
Sep 17, 2010
I am working on a project to create a video conferencing environment. For this I use a default installation of BigBlueButton on ubuntu 10.04. One of the main problems here is that it's not safe enough to share classified documents trough this software. It's a simple webserver that uses nginx. What I want to do is make this connection secure.
One of the problems is that I don't only have a connection trough port 80 but it uses the following ports:
Port 80 (HTTP), 1935 (RTMP), 9123 (Desktop sharing).
I would like to use a proxy instead of some tunneling or vpn to do this. Would anyone happen to know anything about squid or another equivalent to do this?
View 3 Replies
View Related
Feb 20, 2011
I am looking for some software (not Tryecrypt) where I can just right click a file and it will encrypt it for me. It would be nice to unencrypt on Windows but not essential.
View 3 Replies
View Related
Apr 25, 2011
I have high amount of data stored on MSN Skydrive But I do not know of a skydrive client that runs on Linux, which lets you store, in conclusion, to manage those files. I know there are other vendors that do have, for example, DropBox, but for different reasons, are not an option for me. You know, that client exists, SkyDrive for Linux, and is compatible with Dolphin or Nautilus.
View 6 Replies
View Related
Apr 4, 2011
Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides.But I got to thinking, and now I am curious, if I am visiting a site like gmail for instance that always uses SSL/TLS for it's connections, is there any added benefit to also using an encrypted tunnel? or is it perhaps superfluous to use both
View 3 Replies
View Related
Nov 12, 2010
It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.
View 2 Replies
View Related
May 22, 2011
I have set up certain portions of my web site to be forced https:// How do I force, non https:// protocols. I know this sounds confusing, so let me give you an example.
[Code]...
View 7 Replies
View Related
Jan 8, 2010
When 10.04 is released I'll encrypt my /home partition using luks. I've read that xts is good for hard drive encryption and aes is good for cipher encryption. I'm looking for something that is fairly secure without sacrificing a lot of speed.
View 2 Replies
View Related
Aug 3, 2010
I want to create an encrypted directory using the cfs package. So far I've only been able to create the top directory. When I want to attach an encrypted directory using
Code:
cattach directory1 directory2
get the following message in command line:
Code:
RPC: unable to receive
When i look into my /crypt directory, nothing was added there. I have no idea what could be the problem. I use Ubuntu 10.04 LTS.
View 1 Replies
View Related
Aug 3, 2010
I am currently running 8.10 with full-disk (excluding /boot) encryption. I am going to be installing 10.04 on a new laptop, and I was wondering whether it supports multi-factor authentication. Specifically, I would like to have a keyfile on USB/SD memory that is required, in addition to the password, to decrypt the disk. Anyone know of a guide out there? So far my searches have turned up nil.
View 9 Replies
View Related
Sep 5, 2010
i have installed a ubuntu 10.04 (mini iso) w/ option of root encryption. Now i need to boot without ask for passphrase, but im trying to add a luks keyfile without success.i want to use a keyfile in the /boot partition or inside the initrd (cant be in external pendrive), but ubuntu aparently dont accept a keyfile in /boot or initrd file. I know, this way isnt very security, but i just need a basic encryption.So, how to force the use of a keyfile in /boot or inside the initrd for a crypt root partition?
View 5 Replies
View Related
Oct 17, 2010
I've been using GPG keys for about a year now to send encrypted emails to family. But now I want to try and understand more, mainly on signing keys. I've read a ton of stuff, but not fully grasping the concept. So I thought I'd check my understanding people here. Please let me know if I'm wrong on something.
Signing keys seems to be just signing someone else's public key with my private(public??) key. Does that mean I don't sign my own keys? Or should I? There seem to be lots of keyservers out there, mainly I keep hearing about the MIT one and the ubuntu keyserver. Does it matter where I upload my public key? Somewhere I read that once you upload it once, it will slowly make its way to other servers. How is that possible. If someone signs my key on one server, will that also get pushed to other servers?
View 6 Replies
View Related
Mar 7, 2011
I've read that blowfish encryption is much faster and still safe enough to transfer files between hosts.What's the default encryption used by openSSH? (if not already blowfish)
View 2 Replies
View Related
Apr 20, 2011
Is there any available Ubuntu encryption stronger than a 4096-bit DSA PGP key that is natively supported or can be supported by Evolution?
View 2 Replies
View Related
Jul 17, 2011
I don't care for domain 'authentication' by an "Authority". I don't trust no one, so CA's to me are as trustworthy as the gypsy in the park.
I can use a self-signed certificate, but the problem is most browsers makers are Fn idiots that say the connection is not secure, when it actually it, but because I did not folk out cash, it makes my website look bad.
I can understand the need for a 3rd party to verify the domain host to prevent man in the middle attacks, but I do not care for this.. and browser makers should take more responsibility and introduce different padlocks for types of authentication, rather than saying "this connection is encrypted, but not secure because its self-signed". What a load of horse s***!
How many times does people stop to read certificate authorities? I sure don't. I only care weather or not the connection has been encrypted.. so, I am looking for a way for simply providing encryption for my website.
From what I understand, when you submit a CSR to a CA, it includes the private key, meaning that the CA would be able to see the encrypt data, should they get hold of it. This is not acceptable for me.
Is there anything other way to use encryption other than the SSL model that is used typically amongst HTTPS browsers today?
View 3 Replies
View Related
Jul 18, 2011
I have a problem using PGP encryption. I am running Windows 7 operating system. I have PGP working perfectly fine when running manually through DOS mode (cmd.exe): gpg -ase --always-trust --batch --passphrase myphrase --output c: estdir estfile.csv.pgp -r someword c:estdir estfile.csv
Now the problem happens when I am trying to run same script in Perl in the browser (Perl + IIS are installed locally on my PC). The error I am getting is: gpg: no default secret key: No secret key gpg: C:\testdir\testfile.csv: sign+encrypt failed: No secret key
From what I understand, the secret key is created under my user profile. IIS runs under some default user name, so it does not see the secret key. I am not sure how to solve this problem.
View 1 Replies
View Related
Jun 14, 2010
i have found this xor encryption program
Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_SIZE 256
[code]....
Its working fine, it can encrypt and decrypt. but how strong is it ? is it all depending on the specified key ?
View 5 Replies
View Related
Jul 13, 2011
I just found a neat way to encrypt a file in Ubuntu 10.04.
I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.
Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.
Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?
Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.
View 6 Replies
View Related
