How can I setup an encrypted directory where root cannot see by sudoing to my user but sftp can?

vaidab

3/18/23, 2:39 PM

I have a standard user on a remote Ubuntu server where I code and I'd like to keep some of my files private from a "sudo myuser" by root. (E.g. config files) Those files would also have to be accessible for when the IDE deploys to the remote account (which is done by sftp). Is this possible?

0 + 0

encryption

permissions

security

root

sftp

Score:0

Ubuntu

nickcrabtree

3/18/23, 5:58 PM

This is not possible to solve in the way you are trying. The root user has full access to everything on a system, and there is no way to change this.

What you probably need to do is remove the ability of other users to become root. This question has details of how to achieve this. Take care though: remember that you will always need one user who can become root (or to set a root password) otherwise you will be unable to maintain your system.

0 + 0

vaidab

3/20/23, 7:27 PM

I was thinking something around virtual filesystems that I can mount with a password and another instance of my user won't see them. Is this a wrong direction?

vaidab

3/21/23, 8:33 AM

E.g. with an environment password that a new user wouldn't have.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How can I setup an encrypted directory where root cannot see by sudoing to my user but sftp can?

TH: ฉันจะตั้งค่าไดเร็กทอรีที่เข้ารหัสโดยที่รูทไม่สามารถมองเห็นได้โดย sudoing กับผู้ใช้ของฉัน แต่ sftp ทำได้

RO: Cum pot configura un director criptat unde root nu poate vedea prin sudo utilizatorului meu, dar sftp poate?

RU: Как я могу настроить зашифрованный каталог, где root не может видеть с помощью sudo моего пользователя, но может sftp?

VI: Làm cách nào tôi có thể thiết lập một thư mục được mã hóa mà root không thể nhìn thấy bằng cách sudoing cho người dùng của tôi nhưng sftp thì có thể?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.