Thanks for your answer Nick! It's not so clear to me how this can be implemented only on the remote server side since files are uploaded by Guacamole without any involvement of the remote server, unless it somehow monitors the folder and each time a new file is created it encrypts it immediately. I will look into it, thanks!
On Wed, 4 May 2022 at 00:04, Nick Couchman <[email protected]> wrote: > On Tue, May 3, 2022 at 3:50 PM gabriel sztejnworcel <[email protected]> > wrote: > >> Hi, >> >> Was there ever a discussion or suggestion to implement encryption for >> files transferred in RDP sessions through redirected folders? So that if >> someone gets access to the Guacamole server, they won't be able to get >> these files, which might contain sensitive information. >> I thought of creating a key for each session, when the file is uploaded - >> use the key to encrypt it. When the file is read from within the RDP >> session - decrypt the requested portion. The encryption itself might be >> challenging as it needs to be in parts. >> >> For download - maybe it's possible to stream the file to Guacamole client >> immediately and not store it on disk instead of encrypting it. >> >> Wondering if someone ever tried it or if someone else thinks it's useful. >> >> > Well, you could do this entirely on the remote desktop side and it > shouldn't be a problem, you'd just have to install some sort of encryption > software that encrypts the files before they land on the redirected folder. > The redirected folder is really just an internal file share presented by > the RDP client (\\tsclient\share), so you just need some way to enable, > encourage, and/or enforce encryption on the RDS host. It's been a little > while since I messed around with client encryption software, but back in > the day there were Open Source items like TrueCrypt and VeraCrypt that > could do this cross-platform, and I know there are also commercial > solutions. While this method is somewhat disruptive - it means additional > software/steps for the user - it is the most secure, as it allows for > encryption on a per-user basis, which means that no one, not even the root > user of the guacd server, can decrypt the files. > > Beyond that I suppose guacd could be extended to support transparent > encryption of the files as they land; however, this would mean that the > encryption keys for the files would be stored on the guacd server, so if > someone compromised that server, they could still get access to the files > and decrypt them. I think some filesystems - like ZFS - support transparent > at-rest encryption and can manage access to keys, use hardware keys, etc., > so there may be some possibilities, there, as well. This is a bit out of my > areas of experience/expertise, though. > > -Nick >
