Is remote encrypted filesystem via sshfs secure?

3

1

I want to create an encrypted filesystem locally (so only I know the key) and then rsync it to an untrusted remote machine.

I then want to sshfs mount the remote encrypted filesystem.

My goals:

  • No one on the remote machine can see my file contents, my file names, or anything else useful

  • Same for anyone on the network between my local machine and the remote machine.

barrycarter

Posted 2013-11-21T16:50:05.070

Reputation: 695

"Same for anyone on the network between my local machine and the remote machine" - If you are using sshfs and you haven't changed anything related to the ciphers used, then you are almost certainly defaulting to strong encryption for the transport. Nobody should be able to see anything on the wire. – Zoredache – 2013-11-21T17:39:27.870

"and then rsync it to an untrusted remote machine." - What exactly are you rsyncing? What method of encryption are you planning to use? The specifics matter a great deal here. – Zoredache – 2013-11-21T17:41:35.377

Answers

0

Assuming your "encrypted filesystem" is something like a file-hosted TrueCrypt volume, and you're just copying that file over to the other system, then mounting via SSHFS should be relatively safe, since the data you read from the remote system will be encrypted, and you'll then decrypt it locally. Similarly, you'll encrypt any modifications locally and then write it to the remote system in encrypted form. So overall, the remote system should never have any decrypted data on it.

Still, there are a few things you should probably keep in mind:

  1. You'd better make sure your passphrase is absolutely uncrackable, since there would be nothing to stop an attacker on the remote system from trying to decrypt your data via brute-force.
  2. Depending on what software you're using, you may not be able to easily detect that a remote attacker has modified your data. Your disk encryption software may very well assume that you have physical control of the device containing the encrypted volume, so that the volume won't be modified without your knowledge. Consequently, it won't bother to implement any authentication (e.g., with a MAC) -- that would incur additional overhead that would typically be unnecessary (but might not be under your use case).
  3. This is more speculative, but there might be subtle attacks made possible by being able to observe your activity and/or its timing. Disk encryption software generally assumes you have local security, in which case this normally wouldn't be an issue, but again, your use case isn't quite "normal". That said, it's likely that only a sophisticated attacker could practically exploit this.

jjlin

Posted 2013-11-21T16:50:05.070

Reputation: 12 964

I was going to use encfs to create the encrypted file system. Is there a more standard way to do this (store files remotely where the filenames and file contents are both encrypted)? – barrycarter – 2013-11-21T18:47:35.483

Not that I'm aware of. – jjlin – 2013-11-21T19:01:46.947
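Point 2 of the answer above notes that disk encryption software may not authenticate the ciphertext it stores. As an added example (not part of the original answer or comments), one way to detect modification by the remote host is a per-block HMAC-SHA256 manifest that is built locally and never uploaded; the 4096-byte block size and all function names are assumptions of this sketch.

```python
import hashlib
import hmac
import io
import os

BLOCK = 4096  # assumed block size for this sketch


def _tag(key: bytes, index: int, block: bytes) -> bytes:
    # Bind the block index into the MAC so swapped blocks are detected too.
    return hmac.new(key, index.to_bytes(8, "big") + block, hashlib.sha256).digest()


def build_manifest(stream, key: bytes) -> list:
    """One HMAC tag per block of a buffered binary stream; store the list locally."""
    tags = []
    while block := stream.read(BLOCK):
        tags.append(_tag(key, len(tags), block))
    return tags


def verify(stream, key: bytes, manifest: list) -> list:
    """Return indices of blocks that are modified, missing or unexpected."""
    actual = build_manifest(stream, key)
    n = max(len(actual), len(manifest))
    return [i for i in range(n)
            if i >= len(actual) or i >= len(manifest)
            or not hmac.compare_digest(actual[i], manifest[i])]


def demo() -> dict:
    """Constructed sample: four fixed-pattern blocks stand in for the ciphertext."""
    key = os.urandom(32)  # MAC key; stays on the local machine
    blocks = [bytes([i]) * BLOCK for i in range(4)]
    original = b"".join(blocks)
    manifest = build_manifest(io.BytesIO(original), key)
    cases = {
        "intact": original,
        "bit_flip": original[:2 * BLOCK] + b"\xff" + original[2 * BLOCK + 1:],
        "swapped": blocks[1] + blocks[0] + blocks[2] + blocks[3],
        "truncated": original[:3 * BLOCK],
    }
    return {name: verify(io.BytesIO(data), key, manifest) for name, data in cases.items()}
```

For a real volume, pass a file opened with `open(path, "rb")` on the sshfs mount instead of `io.BytesIO`; verification reads the whole file, so it costs a full transfer.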