Building a Fully Encrypted NAS On OpenBSD
mistermark writes "Two years ago this community discussed my encrypted file server. That machine has kept running and running up until a failing drive and a power outage this last week. So, it's time to revise everything and add RAID to it as well. Now you can have an on-the-fly encrypting/decrypting NAS with the data security of RAID, all in one. Here is the how-to."
Netcraft... (Score:5, Funny)
Pretty In-depth (Score:2)
Re: (Score:3, Interesting)
I'm shocked the RAID tools for OpenBSD aren't better than that. Not a dig at it; OpenBSD generally prides itself on exceptional tools: OpenSSH, CARP (their replacement for VRRPD), their firewall tools and everything else. Linux has a system call that can be used to monitor the status of a RAID array. It can kick off an arbitrary command, including starting up recovery and/or e-mail alerts. Technically the system call doesn't, but the mdadm tools that use the system call can.
I really hope somebody repli
Re: (Score:2)
Re: (Score:2)
By-the-by, most simple functions can be performed via webmin or some other admin tool, in a way that is platform-agnostic to the user. Well, when the module is written correctly, that is. A number are very poor. However,
Re: (Score:2)
However, only an idiot would rely solely on the command line for everything. Why? Let's look at Linux for a moment. You're pretty much guaranteed ash-level scripting at a minimum on the system, but any shell script on the s
Re: (Score:2)
I believe the mdadm tools on Linux actually block the system call until a change in the status. I didn't state that clearly. So you get immediate notification, RAID re-builds. I wrote something that checked every 2 minutes on all of our RAID devices (Nagios and scripting are great). Generally mdadm and its alerts informed me, once I had those set up, soon enough that I could go in and disable the Nagios alerts prior to it noticing.
Kirby
Re: (Score:2)
If you read the actual mdadm code (I used v2.6.2 from http://www.cse.unsw.edu.au/~neilb/source/mdadm/ [unsw.edu.au]), looking at Monitor.c 487 of the Monitor function, it "polls" the file, waiting 60 seconds (by default; you can set the delay lower). However, if you look at the mdstat_wait(int) call, you'll notice that it's doing a select on the "/proc/mdstat" file. It'll break out of the select fairly quickly. Force a mirror break, and if you have it set up to get an e-mail, you'll have the e-mail within your i
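An added illustration of the two mechanisms discussed in this comment (not code from the thread or from mdadm itself): parsing /proc/mdstat to flag degraded arrays, and waiting on the file with select() instead of sleeping. The sample mdstat text and device names are constructed.

```python
import re
import select
from typing import Dict, List

# Constructed sample of /proc/mdstat (device names made up): md0 is healthy,
# md1 has one failed member marked (F) and is rebuilding onto a replacement.
SAMPLE_MDSTAT = """\
Personalities : [raid1] [raid5]
md0 : active raid1 sdb1[1] sda1[0]
      976630464 blocks [2/2] [UU]

md1 : active raid5 sdd1[2] sdc1[1] sdb2[0](F)
      1953260928 blocks level 5, 64k chunk, algorithm 2 [3/2] [U_U]
      [=>...................]  recovery =  5.3% (52000000/976630464) finish=120.0min speed=128000K/sec

unused devices: <none>
"""

# "md1 : active raid5 sdd1[2] ..." -> name, state, level, member list
ARRAY_RE = re.compile(r"^(md\d+) : (active|inactive) (?:\(auto-read-only\) )?(\S+) (.*)$")
# "sdb2[0](F)" -> device name plus optional flag such as (F) failed or (S) spare
MEMBER_RE = re.compile(r"(\w+)\[\d+\](\([A-Z]\))?")
# "[3/2] [U_U]" -> wanted devices, active devices, per-slot status
STATUS_RE = re.compile(r"\[(\d+)/(\d+)\] \[([U_]+)\]")


def parse_mdstat(text: str) -> Dict[str, dict]:
    """Return one record per md device found in the mdstat text."""
    arrays: Dict[str, dict] = {}
    current = None
    for line in text.splitlines():
        m = ARRAY_RE.match(line)
        if m:
            name, state, level, members = m.groups()
            failed = [dev for dev, flag in MEMBER_RE.findall(members) if flag == "(F)"]
            current = {"state": state, "level": level, "failed": failed,
                       "wanted": None, "active": None, "slots": None,
                       "recovering": False}
            arrays[name] = current
            continue
        if current is None:
            continue
        s = STATUS_RE.search(line)
        if s:
            current["wanted"], current["active"] = int(s.group(1)), int(s.group(2))
            current["slots"] = s.group(3)
        if "recovery" in line or "resync" in line:
            current["recovering"] = True
    return arrays


def degraded_arrays(arrays: Dict[str, dict]) -> List[str]:
    """Names of arrays that are inactive, carry a failed member, or run short."""
    return sorted(name for name, a in arrays.items()
                  if a["state"] != "active" or a["failed"]
                  or (a["wanted"] is not None and a["active"] < a["wanted"]))


def wait_for_change(path: str = "/proc/mdstat", timeout: float = 60.0):
    """Wait up to `timeout` seconds for the kernel to flag a change on mdstat.

    Like mdadm's mdstat_wait(), this relies on the kernel reporting array
    events on /proc/mdstat as an exceptional condition, so the descriptor
    goes in select()'s third set.  Returns (changed, degraded_names).
    """
    with open(path) as f:
        f.read()                       # read current content first, as mdadm does
        _, _, ready = select.select([], [], [f], timeout)
        f.seek(0)
        snapshot = f.read()
    return bool(ready), degraded_arrays(parse_mdstat(snapshot))


if __name__ == "__main__":
    print("degraded (sample):", degraded_arrays(parse_mdstat(SAMPLE_MDSTAT)))
```

wait_for_change() only does something useful on a Linux host with md arrays; the parser and the degraded check run on the embedded sample anywhere.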
Re: (Score:2)
Not really a very fair description (Score:2)
But at the end of the day, no matter how many things you think about, no matter how much effort you go to, there is always something that gets missed. AFAICT, he's only got one power supply and no UPS on there, and on any large filesystem I'd consider journalling (or Soft Updates on OpenBSD) a must these days.
You can build a system in which nothing
Re: (Score:2)
Re: (Score:2)
P3 ABIT BE6II board, 512 megs ram 100Mbps ethernet.
I have a small boot drive, only has the OS and made a ghost (it crashes I don't care, just pop in a new disk and restore the image).
I have a pair of 300gig drives for dynamic content, they are mirrored.
I have JBOD for everything else (static content like media files); the static content is either unimportant, or already on backup media (DVD). I've found this is the ideal balance for me and serves my needs nicely.
Wouldn't
Re: (Score:3, Interesting)
I have underground power and water got into the line.. and one of the legs would drop in voltage for no reason.. so instead of 2 120v legs coming in I had 1 120 and 1 60v leg.. when say the heater would cut on power would bleed across from one leg to the other and things would work but when it turned off anything that was on the 60v side would brown out..
it was odd as hell.. if I unplugged my fridge then half the house would start workin
Re: (Score:2)
What mistakes did he make this time?
I guess we will never see a slashdot frontpage story about the guy who followed the directions in this howto and lost all his files and wasted a lot of time.
All I'm saying is if you write a howto about this AND it gets posted to slashdot AND ends up on the frontpage, you better be damn good because people will follow this blindly and who knows what he forgot this time around...
As I stated above, had this not been on the frontpage
Re: (Score:2)
Re: (Score:2)
All I'm saying is if you write a howto about this AND it gets posted to slashdot AND ends up on the frontpage, you better be damn good because people will follow this blindly and who knows what he forgot this time around...
While I'd agree that ideally you want something really good if you are being published on slashdot, if anything because of the scrutiny of the audience, I don't think many would agree with your suggestion about people who follow the instructions blindly. Beside the fact that no instructi
Re: (Score:2)
Re: (Score:2)
The first two are somewhat reversible, depending on needs of course.
Please note the lack of "enterprise-ready" here, this is for mom-and-pop file servers and home use.
Re: (Score:2)
OTOH, if you're going to be doing mirrored drives with a dedicated hot-spare... why do it as a (2) disk active (1) disk as hot-spare setup? Why not make it a (3) disk active RAID1 setup where all three drives are in use at all times?
You cut your recovery window (the time period during which you're only running on a single drive) down to zero. You'll have to experience a triple failure (not just a double failure) before losing the entire array. You're le
Re: (Score:2)
Judging by his mistake with the fsck he forgot the last time I sure as hell hope people don't just blindly follow his directions this time. God knows what he might have missed this time around.
Had it not made the frontpage and/or had been buried in askslashdot I couldn't have cared less.
Re: (Score:2)
You must be new here.
One link in the chain... (Score:4, Insightful)
I wonder, are there any full HOWTO's on this? 802.1x and IPSec both come to mind. The protection is useless if the server is powered on of course.
Re:One link in the chain... (Score:5, Insightful)
Most people on the planet don't speak English natively, and a large part of the Slashdot population is from that group.
Since you can't tell if the OP does or does not belong in that group, being a little less harsh would make the world a nicer place. Why not start there?
Re: (Score:2)
Also note that quotations are always preceded with a comma, and always followed by a comma (inside the quotation marks). Your example sentence should be, 'Saying, "kudo's," means, "belonging to kudo," which I don't think you meant.'
Colons are only used in written English to delineate lists of words or phrases: to demonstrate proper sentence technique, to accurately correct someone's grammar, etc. In
Been looking for something like this (Score:2)
Re: (Score:3, Interesting)
Identical drives are just that, identical. This means that they also are very likely to fail at the same time or may not survive a RAID reconstruction process to rebuild the other failed drive.
My advice would be to make them identical only in size and maybe the interface, but for the love of God, do pick different manufacturers and production m
Re: (Score:3, Informative)
Re: (Score:2)
If you took two drives from the same production line, and put them through the exact same usage, I imagine the probability of them both breaking within the same week to be somewhere close to zero, maybe even close to requiring the "Heart of Gold".
If you took 10 drives, though, the probability of 2 of them failing within a week of each other is probably around .5.
Re: (Score:2)
Not really, the physical sector size only matters when doing a hardware RAID, but even then, most modern controllers cope quite well with different disks.
Some people claim that identical sector sizes help performance somewhat, but so far, I haven't been able to reproduce any evidence for this.
Re: (Score:2)
If you'd read TFA, you might have noticed that we're not in an enterprise level setting here.
On the contrary, the suggested solution is advertised for home use. As such, entry-level disks are being used, not the expensiv
Re: (Score:2)
According to Google [google.com], consumer grade hard drives fail at the same rates and with the same predictability as enterprise grade drives.
Outside of a few specific cases (Death Stars, for instance), buying a bunch of the same disks will work just fine, and going to great lengths to get drives from different manufacturers and manufacturing lots doesn't seem to be worth the effort.
Re: (Score:2)
Re: (Score:2)
What I like less is the mandatory use of ReiserFS. Any idea if they plan to support other filesystems?
Do you have actual experience with this product?
Re: (Score:2)
The redundancy solution in this product looks nice. Pity that it is closed source.
As a SuSE user I have ReiserFS filesystems on many systems, but on my mediaserver I used EXT3. It is slower, but for the operations done on this server it is not important. It looks like ReiserFS is on the way to be deprecated in
Re: (Score:2)
Really? I'd not heard that...is it because the developer is in jail?
What FS appears to be the one to use now on a Linux system?
Re: (Score:2)
Some time ago, maintenance on version 3.6 has been abandoned by Hans Reiser in favor of working on the 4.0 version. A few people at SuSE continued to work on it, but received negative comments from Reiser (who accused them of introducing new bugs). Of course the environment at SuSE has changed as well, and there has been an announcement that they will stop as well.
T
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
However, I'd still shy away from using the device for swap or temp/log files. Any extra strain on these types of devices could probably spell bad news.
While I agree in principle, you should be okay if you keep the device mostly empty. They do block remapping and rotate through blocks...
The amount of RAM you would need is very minimal, especially on a home setup, with maybe 5 computers accessing it, and any gain you'd get from adding swap would probably be offset by the longevity of the server.
RAM is pretty cheap these days. Slap even half a gig in there and you will probably never feel a crunch (we're talking about an appliance here.)
As for logging, I would like to have support to store it on a logical volume, on an actual volume, or across the network.
Re: (Score:2)
The slackers way of doing it:
needs usability (Score:4, Interesting)
Encrypted backups should be default and easy, with reminders.
You need multiple keys: whole-system, per-user, and swap. The swap key gets replaced at boot with something random.
Ultimately, it needs mandatory encryption. This would exclude OpenBSD; you need a mandatory policy framework like SE Linux to make it happen. Mandatory encryption means that normal users are prohibited from removing data from the machine without first encrypting it in an approved way. This most likely solves part of the backup problem. It also reduces the insider threat, while still allowing transfer of data between secure machines.
Re: (Score:2)
Re: (Score:3, Interesting)
Re: (Score:2)
that would be blocked (Score:2)
If you do in fact have the key on your laptop, then you must have been authorized to carry the data around without encryption. That would be unusual.
The idea is that you can put an encrypted blob onto your insecure laptop, take this to a different secure machine which has the key, and then get access to the content on that secure machine. The laptop (or DVD-R, or CompactFlash) can't decrypt since it lacks the key.
ZFS (Score:2, Offtopic)
Any idea if OpenBSD supports Sun's ZFS filesystem?
-metric
Re: (Score:2)
Re: (Score:2)
The EPIA is nice but probably too slow for ZFS. At the very least you can only use it as a fileserver and will have to delegate other applications to other computers. Why not get a cheap, low-power dual-core AMD
This sounds great and all.. (Score:2)
freenas... (Score:5, Informative)
1. download FreeNAS [freenas.org]
2. install to USB/CF drive (it needs ~32Mb)
3. configure &amp; reboot on the USB/CF drive (or if your mobo can't boot to those, maybe a CD or spare HD)
4. ?
5. Profit!
Tm
No SMB (Score:2)
Re: (Score:2)
Re: (Score:2)
Pretty Useless (Score:5, Insightful)
Seeing as that he uses per-volume encryption, this is pretty useless. It makes his 'server' pretty much a single-user NAS box, because as soon as another user gets an account to access the file server, they get access to the data.
Data encryption on a fileserver only makes sense if it is done on a per-user level. This is not News for Nerds, as this is basically just another implementation of how to encrypt your local disk.
Mart
Re:Pretty Useless (Score:5, Insightful)
As long as the server remains physically secure, and assuming there aren't gaping root privilege holes in the security, the files on the disk are still protected by the file system permissions. As long as the users can trust the admin, they don't have to trust each other.
Data encryption on a fileserver only makes sense if it is done on a per-user level. This is not News for Nerds, as this is basically just another implementation of how to encrypt your local disk.
Databases with private information like credit card or social security numbers should be on encrypted disks. Not to protect against users, but to protect against the drive being replaced or stolen before it can be wiped (secure wiping is not necessarily secure either, especially as drive technology advances, since what was wiped 5 years ago may be easily readable now).
There's really no advantage to having a server encrypt and decrypt each user's data with a different key. The server will have to know all the keys to perform the decryption at least (public keys allow secure encryption without the server knowing the private key), so it's only as secure as encrypting the entire drive and then relying on filesystem permissions. Root will always be able to read any files that are encrypted/decrypted on the server itself. If clients encrypt their files before storing them on the server, then the server can safely store everything in plaintext.
Re: (Score:3, Insightful)
There is really no advantage to encrypting data if you have other means to restrict access to a server.
Volume encryption only makes sense if there is a significant risk of losing physical control over the volume, i.e. on portable media. If your hypothetical server with private information is not in a secure datacenter, you're doing something wrong.
So, considering that a fileserver will have some form of access control anyway (in case of this NAS box, the locks on his house), why encrypt the entire volume
Re: (Score:2)
Physical security mitigates the threat of an attacker gaining physical access to the machine. Disk encryption mitigates the threat of an attacker gaining access to the disk (e.g. theft). File encryption mitigates the threat of an attacker gaining access to the running system (e.g. over the network). For good security you should use all of these tools.
Re: (Score:2)
Unless you want to pay to have someone shred your used hard disks, encryption is really the only safe way to keep the data on them secure. If you want warranty replacement on dead disks, you'll probably have to send them back for an RMA with the data still on th
Re: (Score:2)
That makes even less sense. How does the server authenticate the client? If the server just decrypts and serves up the data to any client that connects, what's the use of encrypting? And if the server requires authentication to serve up the data, it could implement access controls just as easily. That leaves you with keeping data secret from other users/the administrators/someone with a warr
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The server authenticates clients the same way a traditional setup does,
Re: (Score:2)
If, as the original poster suggests, a large number of people in your organization have to have access to the key for this to work, then it doesn't really add much security--stealing the key off someone may not be any harder than stealing the drive.
Re: (Score:2)
The server has a single key which it uses to encrypt/decrypt the data on the disk. It sends plaintext to the users, or optionally uses some other encrypted protocol to get the data to the clients. The users don't see the hard disk key. Other access controls are n
Re: (Score:2)
There's really no advantage to having a server encrypt and decrypt each user's data with a different key. The server will have to know all the keys to perform the decryption at least (public keys allow secure encryption without the server knowing the private key), so it's only as secure as encrypting the entire drive and then relying on filesystem permissions. Root will always be able to read any files that are encrypted/decrypted on the server itself. If clients encrypt their files before storing them on
User encryption and key escrow (Score:2)
Suggestions (Score:4, Informative)
20 MB/sec is quite a shit performance IMO; however, if you don't use gigabit it'd be good enough. With GELI there is about 55% overhead compared to plain text. I haven't compared LUKS to plain text hence can't compare. On a side note, I doubt it's useful to encrypt data you're receiving from distributed areas, nor that it's useful to put such data in a RAID. A NAS doesn't run BitTorrent. If you're paranoid whereas you share your data over SMB, that might be the weakest point.
For our ricer folk, a nice, expensive RAID controller is necessary. For the smart people among this planet: do software XOR by getting an EE (or SFF) dual core AMD, which are cheap, have a low 10 W idle and have a low TDP (the SFF has 35W TDP). Get 4 Samsung SpinPoint T166 SATA (silent, low power, best bang for buck) and you have 1,5 TB RAID. All in all this costs about 650 EUR (probably less in USA) w/all hardware new including case, 2 * 1 GB RAM (2 * 0,5 GB would suffice too), and PSU. I should know, I bought and built such a machine.
Forget ZFS for now. OpenSolaris has bad hardware support, and it is only partly ported on FreeBSD 7.0-CURRENT where it isn't stable and a bug in it takes the whole system down. While it does have a rich set of features, it also doesn't support encryption yet, although the feature has been planned for a year and perhaps on FreeBSD it can be used together with GELI. Performance of ZFS is also nothing to write home about compared to GRAID5. ZFS isn't mature yet. Nor is FreeBSD 7.0-CURRENT, of course. It'll be part of FreeBSD 7.0 however, as an experimental feature.
Re: (Score:2)
On the software side it is hard to recommend OpenBSD for a file server. OpenBSD has traditionally lagged FreeBSD, NetBSD, and Linux when it comes to file system access, and it would seem to still be the case. While anecdo
Re: (Score:2)
I used to run a minimal linux installation - and later OpenBSD - on an old P100 as a home server, and with decent NICs the bottleneck was always either the theoretical LAN speed or SMB. I now run an OpenBSD Samba server on a 600MHz VIA Samuel 2 Mini-ITX system, and that's only so I
Re: (Score:2)
It's funny how the OpenBSD zealots are always ACs. Why don't you go play in your own garden [undeadly.org]? Now, I give you a point for having implemented PKCS#5 PBKDF2 since OpenBSD 4.0 (quite late but still), but you still miss obvious features such as, but not limited to: LRW, key management, emergency destroy, changing password without encryption. Besides, t
BSD: Driver Deficit (Score:2)
That totally harshed my buzz on the thought of the project and put FreeBSD on the "still not
An explanation (Score:3, Funny)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Informative)
My $0.02 AU
Re: (Score:2)
Re:USB drives?!? (Score:4, Funny)
Jeeeeezus! Either I'm way behind the times, or your "GB" was meant to be perhaps a thousand times smaller.
Re:USB drives?!? (Score:5, Funny)
It's late and nitpick stuff like this has been driving me nuts all week.
There shouldn't be an apostrophe in Typos...
Re: (Score:2)
Re: (Score:3, Funny)
"Why do you have a captain's wheel around your waist?"
Re: (Score:2)
Don't use loop-aes anymore. (Score:3, Informative)
Use LUKS with a high iteration count as well (Score:2)
Re: (Score:2)
There are policy issues and known plaintext attacks against loop-AES
Can you elaborate on this? How about a link? Are you slandering Loop-AES because of a personal grudge, or something else?
Re: (Score:2)
Re: (Score:2)
So, the user has no other option than to use CBC and its probably secure (or not) variants that are included with loop-AES and TrueCrypt.
I was asking for evidence of "policy issues and known plaintext attacks against loop-AES". Still looks like slanderous FUD to me. For some perspective, please search the LKML for arguments between Fruhwirth Clemens and Jari Ruusu.
Re: (Score:2)
Re: (Score:2)
There is much to say about Jari Ruusu as well. Thanks for pointing out my sources were one-sided.
However, this quote of yours is a lie [lwn.net]. Update yourself. LRW is very important, and has been around since Linux 2.6.20. It's well worth changing to LRW if you're using LUKS. TrueCrypt dropped CBC altogether, in favour of LRW, only supporting CBC for backward compatibility. This is due to known attacks on CBC which LRW (and EME) mitigates. For example the watermark atta
Re: (Score:2)
Re: (Score:2, Informative)
Re: (Score:2)
Re: (Score:2, Informative)
Hopefully in the coming years some open source projects will get started to do what Home server will be doing.
Take a look here: http://www.ubuntuhomeserver.org/ [ubuntuhomeserver.org] Yes, I know, it's Ubuntu, but the point is that there are some people in the community that are trying to make it happen. Almost all the necessary services exist, it's just a matter of gluing them together and slapping a decent GUI on it.
Re: (Score:2)
Really though it won't be worth it at all - more than likely I'm thinking it will be retail only (HP, Dell, etc). Also, being Server '03, I'm guessing it's gonna take a bit more power to run than what a CLI install of Linux or BSD can make do with, meaning fewer options of older underpowered machines to use which can be found for dirt cheap...
NAS is an overused acronym (Score:2)
People need to stop using this and find more unique alternatives. Along with "MAC".
Re:OK (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Software RAID... sorry, but never use it. 3Ware SATA RAID cards are cheap enough that the cost savings just isn't worth it.
The only advantage to buying a RAID controller is that you get a lot of connectors. Otherwise, if you have any even fairly decent CPU, and you're not doing anything but shoveling data and maybe some logging, the main processor beats the living shit out of almost any CPU on any RAID controller. There are limited exceptions but those cards are highly spendy.
If you buy a super-cheap dual-core, say one of those $70 AMD chips, and slap some $10 host adapters in, you can probably get dramatically better perfor
Re: (Score:3, Interesting)
The only advantage to buying a RAID controller is that you get a lot of connectors. Otherwise, if you have any even fairly decent CPU, and you're not doing anything but shoveling data and maybe some logging, the main processor beats the living shit out of almost any CPU on any RAID controller. There are limited exceptions but those cards are highly spendy.
And keeping a lot of data off of the interface bus. Hardware RAID controllers are all about delegation. Get the data off the bus and onto the card as fast as possible, without sending it over the bus multiple times. Which is less of a concern in the days of boards with 30+ PCIe lanes. [...] Instead of being able to tell the controller "write these X bytes of data" and only sending X bytes across the PCI bus, with Software RAID, you're probably looking at at least 2x (RAID1) up to 4x (RAID5) the bandwidth usage to write data.
It's true that the more computation is involved, the more serious the bus bandwidth issue gets. This is an excellent reason to build software-based RAID systems with Hammer-core processors today; they have their own memory controllers onboard. Thus the RAID processing doesn't involve a bunch of bandwidth over the only bus interface on the chip.
Also, the more cache you have, the less times the processor is actually going to go to main memory, which reduces the bus bandwidth used in RAID computations. So t
Re: (Score:2)