Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Passwords in fstab

Posted on 2006-06-15
5
Medium Priority
?
991 Views
Last Modified: 2013-12-16
Heyy Experts!

I have a troublesome user that keeps bugging me about this really little problem....I've been annoying him for a while...but I don't have anything else left to do so I'm going to attempt to appease him.

In fstab I have a network share that gets mounted like this:

\\server\share  /mnt/BKUP  smbfs  user,password=something,uid=501,gid=501,username=thatguy  0  0

He doesn't like the fact that his Windows domain password is used in a plain text file and there is no encryption. All my linux boxs are no on the Windows domain because our IT department doesn't support it (that's why I have a job!).

1) Is there anyway to have passwords in fstab encrypted?
2) is there a better (encrypted) way to mount of file system?

It can't involve joining the domain or anything like that..."they" (IT) won't allow such a stable system run on there domain.

Let me know what you think.

Thanks!

Rob

500 POINTS cause I want to shut up my silly user!
0
Comment
Question by:qball2k5
  • 5
5 Comments
 
LVL 22

Accepted Solution

by:
pjedmond earned 2000 total points
ID: 16917015
The concept of plaintext passwords scares the hell out of me. I'd normally insist that my shares are mounted as part of a domain, or unified authentication setup, however, Suse, and Novell have a solution:

http://www.novell.com/coolsolutions/trench/16445.html
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917022
Much nicer:

http://www.fedoraforum.org/forum/archive/index.php/t-2696.html

credentials file :)

As pointed out the password is still in clear text in the credentials file, but the file is not world readable.

HTH:)
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917028
Not sure that there is any real point in encrypting the password, as it is sent over the network in clear text, so a sniffer could also collect the password. To do anything more secure, then the Windows people will need to improve their security.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917037
An encrypted solution for BSD...should be appliable to Linux?:

http://www.linuxformat.co.uk/index.php?name=PNphpBB2&file=viewtopic&p=19706
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917047
Looks like the 'credentials' approach is the expected way to deal with this, by putting the username and password into a file that the user only has access:

http://en.opensuse.org/SDB:Access_to_Windows_Shares

for another example......of course if he doesn't like it....get him to mount it manually:)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month12 days, 14 hours left to enroll

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question