0

What I want is about this: Files are encrypted on the server, apache can decrypt it with certificates the client has to have installed and then send it encrypted to the client via SSL.

So the files are always encrypted on the server (except the moment apache decrypts it to encrypt it again).

Another possibility would be to have something like an TrueCrypt-Server. However, each client must have write access, just like they would with a ftp server.

Does anyone know such a server-program.

Mene
  • 101
  • 2
  • Okay, what's your question? – Bobby Apr 13 '11 at 15:33
  • I'd like to know a server that can do this or how to set up apache like this? (Or I'd like to know if apache can do this at all) – Mene Apr 13 '11 at 16:02
  • 3
    I would like to know what's the point of the encryption then. If the server always have the decryption key, then anyone who gain access to the server can decrypt anything, and the encryption is as pointless as locking a gate and leaving the gate's key on the keyhole. It will just be a waste of CPU time to encrypt/decrypt stuff. – Lie Ryan Apr 13 '11 at 16:07
  • @Lie: Physical attacks? – user1686 Apr 13 '11 at 21:10
  • the certificates are not on the server. The user send them with their request. – Mene Apr 15 '11 at 16:45

1 Answers1

2

Don't use Apache/HTTP to serve files. Install SSH on your fileserver and use WinSCP or another graphical SCP client for uploading/downloading. SSH encrypts data in transport and SCP clients work a lot like ftp, but without the annoying "passive mode" crap and firewall acrobatics required to support it. SSH also supports certificates.

LawrenceC
  • 1,192
  • 6
  • 14