Solved

Passwords in fstab

Posted on 2006-06-15
5
961 Views
Last Modified: 2013-12-16
Heyy Experts!

I have a troublesome user that keeps bugging me about this really little problem....I've been annoying him for a while...but I don't have anything else left to do so I'm going to attempt to appease him.

In fstab I have a network share that gets mounted like this:

\\server\share  /mnt/BKUP  smbfs  user,password=something,uid=501,gid=501,username=thatguy  0  0

He doesn't like the fact that his Windows domain password is used in a plain text file and there is no encryption. All my linux boxs are no on the Windows domain because our IT department doesn't support it (that's why I have a job!).

1) Is there anyway to have passwords in fstab encrypted?
2) is there a better (encrypted) way to mount of file system?

It can't involve joining the domain or anything like that..."they" (IT) won't allow such a stable system run on there domain.

Let me know what you think.

Thanks!

Rob

500 POINTS cause I want to shut up my silly user!
0
Comment
Question by:qball2k5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
5 Comments
 
LVL 22

Accepted Solution

by:
pjedmond earned 500 total points
ID: 16917015
The concept of plaintext passwords scares the hell out of me. I'd normally insist that my shares are mounted as part of a domain, or unified authentication setup, however, Suse, and Novell have a solution:

http://www.novell.com/coolsolutions/trench/16445.html
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917022
Much nicer:

http://www.fedoraforum.org/forum/archive/index.php/t-2696.html

credentials file :)

As pointed out the password is still in clear text in the credentials file, but the file is not world readable.

HTH:)
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917028
Not sure that there is any real point in encrypting the password, as it is sent over the network in clear text, so a sniffer could also collect the password. To do anything more secure, then the Windows people will need to improve their security.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917037
An encrypted solution for BSD...should be appliable to Linux?:

http://www.linuxformat.co.uk/index.php?name=PNphpBB2&file=viewtopic&p=19706
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917047
Looks like the 'credentials' approach is the expected way to deal with this, by putting the username and password into a file that the user only has access:

http://en.opensuse.org/SDB:Access_to_Windows_Shares

for another example......of course if he doesn't like it....get him to mount it manually:)
0

Featured Post

WordPress Tutorial 1: Installation & Setup

WordPress is a very popular option for running your web site and can be used to get your content online quickly for the world to see. This guide will walk you through installing the WordPress server software and the initial setup process.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question