encrypted storage

[michabbs]

Is it possible to encrypt content of a container filesystem?

For example I want to use remote storage like cifs/nfs. If the remote system gets compromised (or if I don't trust admin...) - all container data might be read, copied and taken over by "bad people". On the other hand - if the data was encrypted (and the key was kept on the pve node), then there would be no possible way to read container content as long as the node itself stays secured. (Bad people could only delete the data, but not read them.)

 

[Vasily Poterjyko]

Is it possible to encrypt content of a container filesystem?

For example I want to use remote storage like cifs/nfs. If the remote system gets compromised (or if I don't trust admin...) - all container data might be read, copied and taken over by "bad people". On the other hand - if the data was encrypted (and the key was kept on the pve node), then there would be no possible way to read container content as long as the node itself stays secured. (Bad people could only delete the data, but not read them.)

I am also interested in this question. Have you found any solutions?

 

[michabbs]

I am also interested in this question. Have you found any solutions?

No. :-(

 

[Astraea]

Have you looked into something like Veracrypt, I have not used it for a network share before but have used it before on external SSDs

 

[michabbs]

I considered something like encfs, but did not do any tests yet.

 

[michabbs]

This seems very promising: https://github.com/rfjakob/gocryptfs?tab=readme-ov-file
(I haven't tested yet.)

 

[Vasily Poterjyko]

This seems very promising: https://github.com/rfjakob/gocryptfs?tab=readme-ov-file
(I haven't tested yet.)

Do you have any news on this encryption?