bubbaQ Posted July 19, 2016 Share Posted July 19, 2016 The point is not to deny a thief the use of the box, but to protect your files from being revealed. Personal data (tax returns, etc.), client data, or just your own personal pictures or videos. Even simple encryption would protect you form basic criminals or identity thieves. Quote Link to comment
Marv21 Posted January 20, 2017 Share Posted January 20, 2017 Encryption is the only thing, why i didnt change to Unraid. In the moment Iam using another Software, which Pools Drives and do the parity. This Software works under Windows. So basically, when my Server starts, the Server starts and writes Paraty when things are written. I then remote into the Server and write my Passwort in DiskCryptor. Then i manually start the "Array Pool". Works fine. The cool thing is, i dont have to Encrypt everthing, just the one "Array Pool". I have 2 Array Pools. One with privat things and one with Servers (Teamspeak, Bonjour, Bitcoin, my Surveillance Software and so on) which have to Start immedialty after Start from WIndows and cant wait for me to decrpyt them first. Everthing with only one parity drive. If more then one drive would failed, i could (tried it) take the others disk and could decrypt them with DiskCryptor on another Windows. Please do something similar: After the Server has to restarted, you can start the "privat" array via WebInterface with the right Password. VM´s can start instantly. I would like to go away from the Windows Solution, because evertime i need an Windows Update or a new Porgramm is installed, i had to restart and i needed to decrypt again and start the array. I think a Linux Based Solution is more robust. Quote Link to comment
Dymium Posted January 20, 2017 Share Posted January 20, 2017 That's the same reason why I haven't switched full to Unraid. I would like to have the data encryption in rest option. When the server is shutdown (or stolen) and then booted op again, you can't access the data without validating that you have the right to access it. This could be via a few options: - Password at boottime in console or via webinterface - Keyfile on USB disk or Yubikey which is only read during start-up of Unraid. This way the USB key can be removed after the system has started and is only needed during reboot/startup. Both ways, password or keyfile would prevent unauthorized users to access your data without the password or key. There are a lot of other options you can use to encrypt you data in rest: Veracrypt container or gpg containers Use a Linux VM in between with: https://www.cryfs.org/ Run encryption software on the client machines that access Unraid for example: https://cryptomator.org/ https://www.boxcryptor.com/en But it would be nice to have it standard within Unraid like other NAS solutions have. Quote Link to comment
Marv21 Posted January 21, 2017 Share Posted January 21, 2017 Dont like the USB-KEy Method, because you have to be pyhsically there. I have one Server in a Company, and dont want to drive there after a Power Loss or something like this. FreeNas supports Encrpytion maybe copy them Cant use Containers. You cant create a Container bigger then you smallest drive, i think so? So i need to create 8 containers and copy the shares all over them? naah. With a VM Between, i can go like now. ESXI, one FreeNas and one windows. The last one you mention is possible, but to "hard" for my folk Quote Link to comment
Dymium Posted January 22, 2017 Share Posted January 22, 2017 That's why I would like the choise: USB key, password or both. Up to the user what to use. I don't think they can just copy the FreeNas solution I think FreeNas, just like QNAP and Synology, have a RAID storage pool in place and on that storage pool you can create a volume (encrypted or not). Unraid works a bit different, I has a number of seperate disks and calculates the parity with the data on those disks to a parity disk (a bit like SnapRaid and some FlexRaid solutions do). Therefore there is no "single volume" to encrypt. What I think for Unraid a solution could be is encrypting one, multiple or all disks (user could choose), and mount those necrypted disk at boot-time with the encryption password/usb key. Those mountpoints would then be part of the Unraid array (instead of the original partition mount), and after this the array would be started. For the Unraid array itself it would then be completely transparant. But I could be wrong in this :-) Quote Link to comment
jmagnusson Posted February 6, 2017 Share Posted February 6, 2017 Just bought myself a dedicated computer to act as a Linux-powered NAS and virtualized gaming unit. I thought unRAID would be the perfect OS for this considering its ability to use VT-d. Now if only you had encryption support as well so one wouldn't have to worry about physical theft. So for now I'm leaning a bit towards rolling my own using this guide. Quote Link to comment
swagmacdui Posted January 17, 2020 Share Posted January 17, 2020 (edited) On 7/19/2016 at 5:02 AM, bubbaQ said: The point is not to deny a thief the use of the box, but to protect your files from being revealed. Personal data (tax returns, etc.), client data, or just your own personal pictures or videos. Even simple encryption would protect you form basic criminals or identity thieves. Definitely agree. Can you suggest any kind of file encryption software? Heard about Nordlocker (that's a bit better than software like Boxcryptor) and found a free version on site https://nordlocker.com , but not sure if it's worth. What do you think? Thanks in advance. Edited January 17, 2020 by swagmacdui clraification Quote Link to comment
itimpi Posted January 17, 2020 Share Posted January 17, 2020 19 minutes ago, swagmacdui said: Definitely agree. Can you suggest any kind of file encryption software? Heard about Nordlocker (that's a bit better than software like Boxcryptor) and found a free version on site https://nordlocker.com , but not sure if it's worth. What do you think? Thanks in advance. Not sure why you responded to a 2 year old post? What is wrong with the LUKS based encryption that has been a standard feature of Unraid for some time now? 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.