Synology encryption key on USB stick

[stevenzd]

Hi all,
I am trying to protect my sinology with some encryption, but I want to get it right.
The idea I have is to put the encryption keys on a USB stick and plug the stick in the synology before the booting of the device and remove the USB stick during the night (after the synology is off).

This way I can use “automatic mount at boot” but still have the encryption key separated from the device.

Is it possible? Does my problem make sense? Where is the encryption key usually stored on the device? Is it possible to map this location to another folder/drive (such as a USB stick)?

Thank you for your help.
Steven

 

[stevech]

I prefer to trust my encryption to the freeware version of this:
http://www.safehousesoftware.com/
http://www.safehousesoftware.com/Download.aspx
Used it for many years.
It creates a file that is a virtual disk drive that is encrypted.
I have a 1GB file. In it are 100% of all my sensitive financial and other info.
The file lives on the NAS so it gets backed up three ways.
To "mount" this drive, it's two mouse clicks and a password. Much better than too-geeky TruCrypt.

That file can be copied to a PC or thumb drive and the freeware as well. That way I can access it on the road without having to connect to the NAS (which I've disabled due to the ransomware problems in the Internet).

I have a Synology but for several reasons, I prefer the above approach. Mainly that my data access is not tied to the NAS and risks thereof.

 

[stevenzd]

thanks for your reply.

your post does not really reply to my question....

the data has to bo on the synology and has to be available to all users without having them enter a password.
the solution I think is to have a script on a usb stick that will mount the encrypted drive.

thanks

 

[stevech]

My reply's first sentence says I prefer to NOT use encryption on my NAS. It is too risky.
What will you do when the NAS power supply fails, mainboard fails? What about portability of your encrypted data?

 

[AcostaJA]

My reply's first sentence says I prefer to NOT use encryption on my NAS. It is too risky.
What will you do when the NAS power supply fails, mainboard fails? What about portability of your encrypted data?

Data encryption not an issue on a NAS (or whatever you use it) as long you follow some multi platform std, as TrueCrypt.

In regard to this question, while there are plenty TrueCrypt clients, I'm not sure if there are an Synology version of TrueCrypt, on Linux you actually can mount an TrueCrypt volume and expose as an smb share while loading a key file from an usb, it's possible on Ubuntu at least, I don't know if there are another equivalent solution for Synology (or BSD *x) but what you pretend is something I've seen before on Ubuntu server. (you need an script mounting the TrueCrypt volume and if it's OK the script must create an smb share for such volume).

Nice idea for a feature request for the guys forking TrueCrypt (the original developer left the boat).