Slashdot Mirror

← Back to Stories (view on slashdot.org)

Building a Fully Encrypted NAS On OpenBSD

Posted by kdawson on from the peace-of-mind dept.

mistermark writes "Two years ago this community discussed my encrypted file server. That machine has kept running and running up until a failing drive and a power outage this last week. So, it's time to revise everything and add RAID to it as well. Now you can have an on-the-fly encrypting/decrypting NAS with the data security of RAID, all in one. Here is the how-to."

24 of 196 comments (clear)

  1. Netcraft... by Anonymous Coward · · Score: 5, Funny

    mistermark's failed hard drive only further confirms that BSD is, in fact, dying.

  2. One link in the chain... by Architect_sasyr · · Score: 3, Insightful

    One step in the long process. Kudo's and gratitude for putting this up, it will certainly make my process easier.

    I wonder, are there any full HOWTO's on this? 802.1x and IPSec both come to mind. The protection is useless if the server is powered on of course.

    --
    Me failed English...
    FreeBSD over Linux. If my comments seem odd, this may explain...
    1. Re:One link in the chain... by Yggdrasil42 · · Score: 5, Insightful

      Thanks for clarifying the OP's error, but why the patronizing tone?
      Most people on the planet don't speak English natively, and a large part of the Slashdot population is from that group.

      Since you can't tell if the OP does or does not belong in that group, being a little less harsh would make the world a nicer place. Why not start there?

  3. An explanation by Anonymous Coward · · Score: 3, Funny

    Kdawson clearly killed the other editors, and is now posting all stories. If you see anyone else posting, it's actually kdawson using their account. Look for more dupes, April Fool's Day jokes, and Slashvertisements soon.

  4. needs usability by r00t · · Score: 3, Interesting

    Right from the initial install, by default, this should work.

    Encrypted backups should be default and easy, with reminders.

    You need multiple keys: whole-system, per-user, and swap. The swap key gets replaced at boot with something random.

    Ultimately, it needs mandatory encryption. This would exclude OpenBSD; you need a mandatory policy framework like SE Linux to make it happen. Mandatory encryption means that normal users are prohibited from removing data from the machine without first encrypting it in an approved way. This most likely solves part of the backup problem. It also reduces the insider threat, while still allowing transfer of data between secure machines.

    1. Re:needs usability by jd · · Score: 2, Interesting
      Mandatory encryption won't help a whole lot. Mandatory access controls that utilize encryption might help some - it doesn't protect off-site data but DOES limit the device you copy data onto, as the device must be authorized to hold the data. It is then the problem of the device as to how to protect things. Not perfect, but a major improvement, as it means Joe "The Spy" User can't copy onto an unauthorized device to decrypt later at Evil HQ, and Fred "The Idiot" Flintstone can't copy top secret DoD construction plans onto public FTP servers. As has happened, according to reports.

      (The point of MAC is that MAC requires that there be explicit permission given by someone who has the authority to give that permission. It is not implicit, unlike DAC where anything not expressly prohibited is implicitly allowed.)

      The encryption thing can be improved on a little, if it is not secret key -or- uses an OTP calculator that only resides on authorized machines. The latter is getting a little into security through obscurity, but still works to a degree if the calculator is any good and the underlying crypto is sufficiently strong. As async encryption is slow, you'd probably want a crypto accelerator, but there are countless such systems. Don't blame the algorithms if you don't want the solutions.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  5. freenas... by Tmack · · Score: 4, Informative
    Meh...

    1. download FreeNAS
    2. install to USB/CF drive (it needs ~32Mb)
    3. configure * reboot on the USB/CF drive (or if your mobo cant boot to those, maybe a CD or spare HD)
    4. ?
    5. Profit!

    Tm

    --
    Support TBI Research: http://www.raisinhope.org
  6. Re:Pretty In-depth by ComputerSlicer23 · · Score: 2, Interesting


    I'm shocked the raid tools for OpenBSD aren't better then that. Not a dig at it, OpenBSD generally prides itself on exceptional tools. OpenSSH, CARP (their replacement for VRRPD), their firewall tools and everything else. Linux has a system call that can be used to monitor the status of a RAID array. It can kick off an arbitrary command, including starting up recovery and/or e-mail alerts. Technically the system call doesn't, but the mdadm tools that use the system call can.


    I really hope somebody replies telling me, I'm an idiot and that OpenBSD has exactly such tools. Well and they really exist, as opposed to the clever slashdot behavior of telling me I'm an idiot and be completely wrong.


    Kirby

  7. Pretty Useless by mvdwege · · Score: 4, Insightful

    Seeing as that he uses per-volume encryption, this is pretty useless. It makes his 'server' pretty much a single-user NAS box, because as soon as another user gets an account to access the file server, they get access to the data.

    Data encryption on a fileserver only makes sense if it is done on a per-user level. This is not News for Nerds, as this is basically just another implementation of how to encrypt your local disk.

    Mart
    --
    "I know I will be modded down for this": where's the option '-1, Asking for it'?
    1. Re:Pretty Useless by DamnStupidElf · · Score: 4, Insightful

      Seeing as that he uses per-volume encryption, this is pretty useless. It makes his 'server' pretty much a single-user NAS box, because as soon as another user gets an account to access the file server, they get access to the data.

      As long as the server remains physically secure, and assuming there aren't gaping root privilege holes in the security, the files on the disk are still protected by the file system permissions. As long as the users can trust the admin, they don't have to trust each other.

      Data encryption on a fileserver only makes sense if it is done on a per-user level. This is not News for Nerds, as this is basically just another implementation of how to encrypt your local disk.

      Databases with private information like credit card or social security numbers should be on encrypted disks. Not to protect against users, but to protect against the drive being replaced or stolen before it can be wiped (secure wiping is not necessarily secure either, especially as drive technology advances, since what was wiped 5 years ago may be easily readable now).

      There's really no advantage to having a server encrypt and decrypt each user's data with a different key. The server will have to know all the keys to perform the decryption at least (public keys allow secure encryption without the server knowing the private key), so it's only as secure as encrypting the entire drive and then relying on filesystem permissions. Root will always be able to read any files that are encrypted/decrypted on the server itself. If clients encrypt their files before storing them on the server, then the server can safely store everything in plaintext.

    2. Re:Pretty Useless by mvdwege · · Score: 2, Insightful

      There is really no advantage to encrypting data if you have other means to restrict access to a server.

      Volume encryption only makes sense if there is a significant risk of losing physical control over the volume, i.e. on portable media. If your hypothetical server with private information is not in a secure datacenter, you're doing something wrong.

      So, considering that a fileserver will have some form of access control anyway (in case of this NAS box, the locks on his house), why encrypt the entire volume in the first place? The first insecure client that connects makes the whole exercise moot, not to mention giving out the key to multiple users. And if there is no access control, neither physical nor logical, then it is just a local disk connected to a network instead of directly to a (S)ATA/SCSI bus. And local disk encryption is old hat.

      Mart
      --
      "I know I will be modded down for this": where's the option '-1, Asking for it'?
  8. Re:USB drives?!? by gardyloo · · Score: 3, Funny

    USB was o.k. last year, but with 20GB/sec effective transfer rate at most, it simply doesn't do a large modern HDD justice anymore.

        Jeeeeezus! Either I'm way behind the times, or your "GB" was meant to be perhaps a thousand times smaller.

  9. Re:Already done by Architect_sasyr · · Score: 2, Informative

    It does not. If we read through the article we do find, however, that the author suggests FreeNAS for a NAS, OR CryptoBox for hardware encryption. IMHO neither solution leads to the extension into a full blown server that the OpenBSD option gives.

    My $0.02 AU

    --
    Me failed English...
    FreeBSD over Linux. If my comments seem odd, this may explain...
  10. Don't use loop-aes anymore. by Ayanami+Rei · · Score: 2, Informative

    Use dm-crypt with LUKS in the aes-cbc-essiv:sha256 mode (should be the default). There are policy issues and known plaintext attacks against loop-AES unless you the multi-key setup which _isn't_ the default... by the times the issues were widely known people were using LUKS because key management is more flexible.

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  11. Re:Been looking for something like this by JayAEU · · Score: 3, Interesting

    Just make sure you don't follow TFA's recommendation regarding the choice of identical drives for the RAID array, which would make the whole point of redundancy moot.

    Identical drives are just that, identical. This means that they also are very likely to fail at the same time or may not survive a RAID reconstruction process to rebuild the other failed drive.

    My advice would be to make them identical only in size and maybe the interface, but for the love of God, do pick different manufacturers and production months for the drives.

  12. Re:Yawn... I prefer Ubuntu for this function by kwark · · Score: 2, Informative

    What! You are saying that Ubuntu doesn't do this on install? Even the Debian Installer has support for these kind of setups.

  13. Re:His system is great and all but... by Kryten107 · · Score: 2, Informative

    Hopefully in the coming years some open source projects will get started to do what Home server will be doing. Take a look here: http://www.ubuntuhomeserver.org/ Yes, I know, it's Ubuntu, but the point is that there are some people in the community that are trying to make it happen. Almost all the necessary services exist, it's just a matter of gluing them together and slapping a decent GUI on it.
  14. Re:USB drives?!? by hmallett · · Score: 5, Funny

    When is your next book "More Typo's I found on the Internet" coming out?
    It's late and nitpick stuff like this has been driving me nuts all week.

    There shouldn't be an apostrophe in Typos...

  15. Suggestions by LuSiDe · · Score: 3, Informative

    OpenBSD on a fileserver? Firewall, sure. Fileserver w/RAID and disk encryption, no way. I would leave that task to FreeBSD (FreeNAS) or Linux (CryptoBox, Openfiler). If you are desperate for encrypted FS + RAID you can use MD + LUKS (Linux) or GRAID5 + GELI (FreeBSD) those are all available via FreeNAS, CryptoBox, and Openfiles. Suffice to say both have proven their stability, have a rich set of features (e.g. LRW), and are simple to set-up. The end-user NAS solutions are pretty sophisticated and have good web interfaces.

    20 MB/sec is quite a shit performance IMO however if you don't use gigabit it'd be good enough. With GELI there is about 55% overhead compared to plain text. I haven't compared LUKS to plain text hence can't compare. On a side note, I doubt its useful to encrypt data you're receiving from distributed areas, nor that its useful to put such data in a RAID. A NAS doesn't run BitTorrent. If you're paranoid whereas you share your data over SMB, that might be the weakest point.

    For our ricer folk, a nice, expensive RAID controller is necessary. For the smart people among this planet: do software XOR by getting an EE (or SFF) dual core AMD which are cheap and have a a low 10 idle W and have a low TDP (the SFF has 35W TDP). Get 4 Samsung SpinPoint T166 SATA (silent, low power, best bang for buck) and you have 1,5 TB RAID. All in all this costs about 650 EUR (probably less in USA) w/all hardware new including case, 2 * 1 GB RAM (2 * 0,5 GB would suffice too), and PSU. I should know, I bought and build such machine.

    Forget ZFS for now. OpenSolaris has bad hardware support, and it is only partly ported on FreeBSD 7.0-CURRENT where it isn't stable and a bug in it takes the whole system down. While it does have a rich set of features, it also doesn't support encryption yet, although the feature has been planned for a year and perhaps on FreeBSD it can be used together with GELI. Performance of ZFS is also not to write home about compared to GRAID5. ZFS isn't mature yet. Nor is FreeBSD 7.0-CURRENT, ofcourse. It'll be part of FreeBSD 7.0 however, as an experimental feature.

    --
    WE DON'T NEED NO BLOG CONTROL.
  16. Re:OK by thc69 · · Score: 4, Funny

    WTF
    IsA
    NAS
    ?
    http://en.wikipedia.org/wiki/Nas
    --
    Procrastination -- because good things come to those who wait.
  17. Re:Been looking for something like this by CastrTroy · · Score: 2, Informative

    Actually, Identical drives are in fact, not identical. What they are is built to the same specifications. They actually use different atoms and molecules to make up the components of the drive. They were most likely manufactured on different days, or at least at different times. If you took two drives from the same production line, and put them through the exact same usage, I imagine the probability of them both breaking within the same week to be somewhere close to zero, maybe even close to requiring the "Heart of Gold". I've never seen a corporate Raid setup that used different models of drives for drives in the same array, and have never heard of this being an issue.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  18. Re:USB drives?!? by Thing+1 · · Score: 2, Funny

    Yeah sorry, It's late and nitpick stuff like this has been driving me nuts all week.

    "Why do you have a captain's wheel around your waist?"

    --
    I feel fantastic, and I'm still alive.
  19. Re:Not really a very fair description by Amouth · · Score: 2, Interesting

    interestingly I have had localized brown outs in parts of my house....

    I have underground power and water got into the line.. and one of the legs would drop in voltage for no reason.. so instead of 2 120v legs coming in I had 1 120 and 1 60v leg.. when say the heater would cut on power would bleed across from one leg to the other and things would work but when it turned off anything that was on the 60v side would brown out..

    it was odd as hell.. if I unplugged my fridge then half the house would start working again .. none of it made since - that is until I realized that my power meter wasn't working (one of the new digital ones).. as soon as I turned off the main breaker the power meter would boot up and be good.. so I called the power company.. they strapped a solid state transformer to my house for a week so I could live off of 1 120v leg until they could repair the line...

    but due to over doing UPS's .. none of my computers ever lost power.. hell I was online playing games during the last few hurricanes..

    --
    '...if only "Jumping to a Conclusion" was an event in the Olympics.'
  20. Re:Software RAID by drinkypoo · · Score: 2, Interesting

    The only advantage to buying a RAID controller is that you get a lot of connectors. Otherwise, if you have any even fairly decent CPU, and you're not doing anything but shoveling data and maybe some logging, the main processor beats the living shit out of almost any CPU on any RAID controller. There are limited exceptions but those cards are highly spendy. And keeping a lot of data off of the interface bus. Hardware RAID controllers are all about delegation. Get the data off the bus and onto the card as fast as possible, without sending it over the bus multiple times. Which is less of a concern in the days of boards with 30+ PCIe lanes. [...] Instead of being able to tell the controller "write these X bytes of data" and only sending X bytes across the PCI bus, with Software RAID, you're probably looking at at least 2x (RAID1) up to 4x (RAID5) the bandwidth usage to write data.

    It's true that the more computation is involved, the more serious the bus bandwidth issue gets. This is an excellent reason to build software-based RAID systems with Hammer-core processors today; they have their own memory controllers onboard. Thus the RAID processing doesn't involve a bunch of bandwidth over the only bus interface on the chip.

    Also, the more cache you have, the less times the processor is actually going to go to main memory, which reduces the bus bandwidth used in RAID computations. So the ideal situation (to do this on the cheap anyway) is to use the cheapest K7-n processor you can find that has a lot of cache, and get the best of all worlds. (Plus HT links are faster in the newest processors, yes?)

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"