# Mounting Remote Encrypted Files/Partitions Question

## SD Lead Sponge

I am looking for the ability to mount an encrypted file/partition remotely, and perform the decryption on a secure computer mounting the remote partition.  That is, only the secure computer mounting the remote partition performs the encryption and decryption.  The interconnecting network and the machine hosting the backup see ciphertext alone, NEVER any passphrases or plaintext.

In short, I'm wondering the best method to mount a partition/file remotely that will not have a recognized filesystem so I can then use my local encryption software to deal with it.

Any and all comments are appreciated,

-sdls

----------

## Sadako

With NDB (Network Block Device), you can access raw block devices over a lan, you mount the remote nbd device on the local machine and you can have any filesystem you want on it, so you should be able to run cryptsetup on the /dev/nd0 node.

----------

## SD Lead Sponge

Are you familiar with NBD?  My concern is if it is stable or not.  Corruption is bad in general, and corruption of an encrypted volume can be very bad pending what portion was corrupted.

----------

## RoundsToZero

It's in the kernel and not marked experimental or anything so it should be fine.  Why not try it out and stress test it with a large file and check md5sums or something?

----------

## SD Lead Sponge

I went ahead and installed nbd on the client and host machines.  It has worked well so far.  I haven't "stress" tested it yet.  But I did transfer around 50 GB to it and the data appears to be intact.  Pending time this weekend or the next, I will be rebuilding an older machine and I'll set aside several block devices for nbd and rsync to go crazy with.  I'll post the results.

Sorry for the late reply.

----------

