Re: [tlug] Raid5 box & backup

[Shawn Brown <big.coffee.lover@example.com>]

 Hi,

> - You create a TrueCrypt volume, with its own password, for each of your
> private parts. (Stop sniggering at the back, you know what I mean...) I
> think you should be able to mount each volume over your local network using
> Samba, so your client PC will have access to an encrypted volume which it
> will decrypt locally, using the password for that volume.

> - Although I think it should work, I haven't tried using TrueCrypt to mount
> a volume read/write over a network share; I assume that if you try to mount
> the same volume read/write from two computers at the same time very bad
> things will happen to your data.

Thanks for the suggestion on TrueCrypt.  It's nice that it runs on OSX
too (which Bruno said he also uses).

The only trouble I had was when it asked me for an "administators
password".  I thought root would work but it turns out it needs a sudo
enabled user.  The docs are not clear on that.

What was said above is not correct in that client PCs accessing a
read/write mounted volume can not decrypt locally.  Rather the data
needs to be encrypted using e.g. SSL, TLS, VPN, or other technologies.

>From TrueCrypt docs:

If there is a need to access a single TrueCrypt volume simultaneously
from multiple operating systems, there are two options:

   1. A TrueCrypt volume is mounted only on a single computer (for
example, on a server) and only the content of the mounted TrueCrypt
volume (i.e., the file system within the TrueCrypt volume) is shared
over a network. Users on other computers or systems will not mount the
volume (it is already mounted on the server).

      Advantages: All users can write data to the TrueCrypt volume.
The shared volume may be both file-hosted and partition/device-hosted.

      Disadvantage: Data sent over the network will not be encrypted.
However, it is still possible to encrypt them using e.g. SSL, TLS,
VPN, or other technologies.

2. (decrypt locally using read only)