Encrypted SMB Storage

K

Khensu

New Member
Feb 3, 2023
4
1
3
Hello Proxmox Community,

I'm just trying to mount my SMB/CIFS Storage for my backups.
For this I rent a Storage Box at Hetzner, they offer SAMBA/CIFS and more but SMB is the only
method Proxmox supports of them.
At the bottom of the page https://docs.hetzner.com/robot/storage-box/access/access-samba-cifs/ they say you have to add
"seal" to the mount command, as the connection is over the internet I rather have my backups transfered encrypted or not?
Or is Proxmox using encryption with SMB by default?
I may also use backup based encryption, so the backups themselves are encrypted, is this already possible over the Webinterface?

Thank you in advance :)
 
Encrypted backups are only supported when running a Proxmox Backup Server.

If you want to modify how that SMB Share is mounted, you could manually mount that SMB share using the fstab and then add a directory storage pointing to its mountpoint.
 
Thank you very much.
This could be a solution your right!
I wanted to use backup based encryption as well but I don't have a Proxmox backup Server.

I have now decided to use BorgBackup and transfer my backups with that to my StorageBox.
 
Khensu said:
I have now decided to use BorgBackup and transfer my backups with that to my StorageBox.
Click to expand...
That's a valid solution; I am using Borg for other means and I like it very much. But it is not "integrated" in PVE and for that reason I would do it this way instead:
  • as @Dunuin mentioned: mount that SMB-share locally and use the space as a "directory"-storage
  • accept that this storage is not trustworthy and avoid to store plain unencrypted data on it
  • install PBS and connect it to your PVE the documented and tested way - with encryption on this level
The main advantage is to have your backups integrated in PVE in a manageable way - backup/restore works from the PVE-Webgui without manually handling BorgBackup.

PBS can be setup on separate hardware (of course recommended for obvious reasons!), directly on the PVE host, in a Container or in a VM. Every approach has pros and cons already discussed here in the forum.

Just my 2 €¢...

----
Edit: Forget it! (I mean: my approach.) PBS is extremely slow in this constellation. Probably unbearable. PBS needs IOPS - the recommended configuration for its datastore is local SSDs...
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom