From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] concurrency
Date: Sun, 27 Mar 2016 06:33:55 +0200 [thread overview]
Message-ID: <20160327043355.GA10955@tansi.org> (raw)
In-Reply-To: <56F72F01.7020504@dodo.com.au>
Hi Hugh,
quite frankly, what you are doing is likely to corrupt your
filesystem beyond recovery pretty fast. It will also corrupt
data. Filesystems are _not_ designed to have changes on the
underlying block-layer without being notified. The only case
where this is safe is a read-only filesystem. You are tampering
with the fundamental assumptions the filesystem-designers
have to make.
If you want a filesystem that is not read-only to be visible
in several places, you need to distribute it at or above the
filesystem layer. Nothing else works.
That said, depending on your use-case, there may be options.
One is a read-only export and a different mechanism for
updates. You could tunnel NFS over OpenVPN or SSH or the like.
You may also be able to use rsync/rdiff-backup or even SVN
or git to synchronize data.
But putting the raw, LUKS-encrypted block device out there,
mapping it in different machines and and then mounting
read-write it is not a viable solution and cannot be one.
Sorry. This is a case where security takes some effort that
cannot be avoided.
Regards,
Arno
On Sun, Mar 27, 2016 at 01:53:21 CET, Hugh Bragg wrote:
> Hi Arno,
>
> Thanks very much for taking time to respond Arno.
> You're right. I'm sharing a virtual disk and trying to decrypt and mount
> that in multiple locations.
> The other thing I tried was mounting a disk image on a virtualbox shared
> folder.
>
> I don't want to need a dedicated server to deliver a decrypted
> filesystem because I don't want the decrypted data to be exposed to the
> network. I understand I could use secure communications, but this is all
> way too much overhead compared to what I'm trying to achieve.
>
> >From your response I gather that the answer is no, It doesn't support
> sharing of the raw block device with concurrent mounting.
> Is this just due to implementation or are there functional reason why
> this is so?
>
> I've been trying encfs and ecryptfs too, but they suffer from security
> and functional deficiencies.
> Is there some other solution that does support this setup?
>
> Thanks,
> Hugh
>
> On 27/03/2016 6:06 AM, Arno Wagner wrote:
> > Hi,
> >
> > in order to have a shared filesystem work, you need, well,
> > a shared filesystem! Do not under any circumstances share
> > the block-device or the LUKS-remapped decrypted block
> > device. I suspect you do soemthing like that, because
> > otherwise the question would not even arise.
> >
> > The rigth way to do this is
> > raw-block-device -> LUKS decrypted block device -> Filesystem
> > -> export of that filesystem, e.g. via NFS.
> >
> > (last two steps possibly one with other network filesystyems)
> >
> > Of course, NFS (or the network filesystem of your choice)
> > has some transactional assurances and is missing others.
> > For example, on NFS, nothing is atomic, except locks
> > or rename operation (as far as I remember).
> >
> > But if you do follow the right layering, what you have is
> > not a LUKS problem at all, but something stemming from the
> > filesystem layer and possibly wrong assumptions about the
> > assurances it offers.
> >
> > Regards,
> > Arno
> >
> >
> >
> > On Sat, Mar 26, 2016 at 15:50:10 CET, Hugh Bragg wrote:
> >> Should I be able to use Luks concurrently on a shared filesystem from
> >> different computers?
> >> Attempts so far have failed with writes not being seen from the other
> >> computer until both computers remount the filesystem or reboot.
> >> Specifically, virtualbox shareable disks and shared folders, but
> >> potentially, any nfs/cloud storage.
> >>
> >> Am I missing something or is there another tool for this case?
> >> _______________________________________________
> >> dm-crypt mailing list
> >> dm-crypt@saout.de
> >> http://www.saout.de/mailman/listinfo/dm-crypt
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
next prev parent reply other threads:[~2016-03-27 4:33 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-26 14:50 [dm-crypt] concurrency Hugh Bragg
2016-03-26 20:06 ` Arno Wagner
2016-03-27 0:53 ` Hugh Bragg
2016-03-27 4:33 ` Arno Wagner [this message]
2016-03-27 8:31 ` Hugh Bragg
2016-03-27 15:49 ` Arno Wagner
2016-03-27 16:30 ` Hugh Bragg
2016-03-27 7:51 ` Milan Broz
2016-03-27 16:52 ` Michael Kjörling
2016-03-27 17:56 ` Hugh Bragg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160327043355.GA10955@tansi.org \
--to=arno@wagner.name \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox