Remote X via winXP and Xclient security
mv at roq.com
Tue Mar 7 06:54:36 UTC 2006
I was wondering if any one had some ideas on my little problem / goal.
I have been testing out using a X-cygwin and my X server in windows XP
and FreeBSD / KDE as my X client via ssh, I really like this and was
thinking of using it at work for many reasons I don't want to have to
My question is that since I can easily copy my home directory to a
FreeBSD server and remote X into I have the problem where other people
who have root access can easily read all the data in my home directory,
does any one know of some kind of system where you can remote X into a
machine and mount some kind of encrypted set of files in my home dir
over the network? So they look like regular files to my on my X server
in X-cygwin but aren't readable on the FreeBSD X client (what often
would actually be considered the server to most people).
The idea isn't to be ultra secure but just secure enough so that people
who have root access on the FreeBSD X client machine can't conveniently
spy my home dir.
I do use GBDE filesystem encryption in a standalone file form so I can
have portable backups but since they are mounted on the actual server it
makes just as easy to view the mounted files.
I haven't seen how far ACL and chflags can go, but considering a root
user could su to another users privileged it couldn't be stopped.
You could arguably look at it that I am looking for a 'ssh-agent' of
encrypted file systems as in something that sits in memory and is
willing to give me the information when I want it but still be that
degree more difficult to get at from anyone else. Just like ssh-agent
this is something between security and convenience.
More information about the freebsd-questions