Solved

Passwords in fstab

Posted on 2006-06-15
5
953 Views
Last Modified: 2013-12-16
Heyy Experts!

I have a troublesome user that keeps bugging me about this really little problem....I've been annoying him for a while...but I don't have anything else left to do so I'm going to attempt to appease him.

In fstab I have a network share that gets mounted like this:

\\server\share  /mnt/BKUP  smbfs  user,password=something,uid=501,gid=501,username=thatguy  0  0

He doesn't like the fact that his Windows domain password is used in a plain text file and there is no encryption. All my linux boxs are no on the Windows domain because our IT department doesn't support it (that's why I have a job!).

1) Is there anyway to have passwords in fstab encrypted?
2) is there a better (encrypted) way to mount of file system?

It can't involve joining the domain or anything like that..."they" (IT) won't allow such a stable system run on there domain.

Let me know what you think.

Thanks!

Rob

500 POINTS cause I want to shut up my silly user!
0
Comment
Question by:qball2k5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
5 Comments
 
LVL 22

Accepted Solution

by:
pjedmond earned 500 total points
ID: 16917015
The concept of plaintext passwords scares the hell out of me. I'd normally insist that my shares are mounted as part of a domain, or unified authentication setup, however, Suse, and Novell have a solution:

http://www.novell.com/coolsolutions/trench/16445.html
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917022
Much nicer:

http://www.fedoraforum.org/forum/archive/index.php/t-2696.html

credentials file :)

As pointed out the password is still in clear text in the credentials file, but the file is not world readable.

HTH:)
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917028
Not sure that there is any real point in encrypting the password, as it is sent over the network in clear text, so a sniffer could also collect the password. To do anything more secure, then the Windows people will need to improve their security.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917037
An encrypted solution for BSD...should be appliable to Linux?:

http://www.linuxformat.co.uk/index.php?name=PNphpBB2&file=viewtopic&p=19706
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 16917047
Looks like the 'credentials' approach is the expected way to deal with this, by putting the username and password into a file that the user only has access:

http://en.opensuse.org/SDB:Access_to_Windows_Shares

for another example......of course if he doesn't like it....get him to mount it manually:)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question