Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encrypting-file-system]

The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption.

70 questions
16
votes
2 answers

Auto-booting and Securing a Linux Server with an Encrypted Filesystem

I'm setting up some new Ubuntu servers, and I'd like to secure the data on them against theft. The threat model is attackers desiring the hardware or rather naïve attackers desiring the data. Please take note of this section. The threat model does…
cjs
  • 1,355
  • 1
  • 12
  • 23
7
votes
3 answers

Backup AWS EFS to S3

I've been desperately trying to find a way to backup my AWS EFS file system to S3, but cannot seem to find one. There's several EC2 instances running all having access to the mentioned EFS. In order to reduce traffic, I already tried launching a…
wahtye
  • 71
  • 1
  • 1
  • 2
5
votes
1 answer

Windows Task Scheduler cannot access EFS encrypted folder despite running as a user with access

I have a batch file set to run via Task Scheduler in Windows Server 2008 R2. The batch file is being used to rotate and compress MySQL logs, and the folder containing these logs is encrypted using the Windows built in EFS encryption. I found a VBS…
zako42
  • 173
  • 5
4
votes
2 answers

Encrypt at rest existing AWS EFS instances - is it possible?

Based on my understanding of AWS documentation it appears that the only way to encrypt at rest existing EFS instances with some data is to create new EFS instances with encryption enabled and copy the files from unencrypted EFS to encrypted EFS and…
Darko Miletic
  • 195
  • 1
  • 1
  • 8
3
votes
1 answer

Can an EFS encrypted folder be backed up in an Azure Recovery Services Vault?

When I try to back up a Windows EFS encrypted folder on a physical server to an Azure Recovery Services Vault the file size is modified upon recovery and the files cannot be opened (are unrecognizable). Am I doing something wrong or is this simply…
saminpa
  • 141
  • 4
3
votes
1 answer

Access denied to EFS encrypted files after PC joins domain

I'm experiencing strange behavior with Windows Encrypted File System: I have a machine that is in workgroup mode (not joined to a domain) I encrypt an entire directory structure on the machine (basically a folder and subfolders with data files for…
Mike Marshall
  • 98
  • 2
  • 10
3
votes
2 answers

Can root become user and access encrypted home?

The home is mounted unencrypted on login. I tried accessing it after doing 'su sampleuser', but it was encrypted, which is the expected behavior I guess. I also tried changing the user's password, and then logging in, but I was redirected to the…
HappyDeveloper
  • 654
  • 2
  • 6
  • 13
3
votes
3 answers

Can EFS be set on a per group basis?

I've been asked to create some file store for our directors that will contain sensitive information. They have asked that it not be possible for other admins to read the data. I immediately thought of EFS, but I seem to recall this can only be done…
Bryan
  • 7,538
  • 15
  • 68
  • 92
3
votes
2 answers

Disabling EFS--what to do if there are any encrypted files?

I am in the process of retiring an old Windows-integrated CA and bringing online a new, properly-configured one (several, actually). Most of our systems are unable to use EFS thanks to Group Policy... but due to some misconfiguration, a handful of…
ewall
  • 1,054
  • 3
  • 13
  • 23
3
votes
2 answers

How to mount LUKS partition securely on server

I'm curious if it is possible to mount a partition encrypted by cryptsetup with LUKS securely and automatically on Ubuntu 10.0.4 LTS. For example, if I use the key for the encrypted partition, than that key has to be presented on a device that is…
Ency
  • 1,201
  • 1
  • 19
  • 26
3
votes
1 answer

Why make random file for loopback device for encrypted file system?

I have read a few tutorials on setting up an encrypted file system using cryptsetup. They all start with the following creation of a random file dd if=/dev/urandom of=/etc/cryptfile bs=1M count=10 This file would be further used to create a…
Amit S
  • 153
  • 1
  • 6
2
votes
1 answer

It it possible to implement per-user quotas on Amazon EFS?

I'm would like to have a filesystem for network-mounted home directories that can scale easily (per user) at a low cost. EFS seems well-suited to this (especially with Infrequent Access enabled). However, I cannot see a way to set quotas on a…
Ben Davis
  • 250
  • 1
  • 4
  • 16
2
votes
1 answer

Windows 2012 Server File Encryption

I am looking for a solution to encrypt directories/files on a Windows 2012 server. Several Excel files will be stored in a share, and I am looking for a solution to encrypt them independently. From what I can tell, BitLocker is not what I am…
Acerbity
  • 95
  • 2
  • 9
2
votes
1 answer

Prompt for Certificate Password When Accessing EFS Shares

My boss wants to set up encrypted file shares using EFS on Windows Server 2012 R2 Boxes accessed by Windows 8.1 clients. I've been able to set the default DRA, issue certificates in test cases and so forth. So, EFS works. However, he also wants the…
Brian McElraft
  • 21
  • 1
2
votes
1 answer

EFS - how to disallow encrypted files on network share?

I have two servers, both on domain, both Windows Server 2008 R2, to my eye almost identically configured. Server1 allows to copy encrypted files to his network shares, Server2 gives error when trying to copy encrypted file: "You are copying the file…
toffitomek
  • 131
  • 1
  • 3
  • 12
1
2 3 4 5