On 10/18/05, Albert
Hi All,
I have been tasked by my company to set up a repository where we can store some documents which should be accessible by everyone in the group. Some of the documents must only be accessible by some people.
Originally we thought the easiest would be to setup a server accessible by everyone and simply scp everything using winscp to provide a simple interface to everyone.
We have also discussed setting up a VPN, but this might not be as simple as the two of the offices has no technical staff and I'm not really interested flying to the UK or US just to go setup a VPN on the client machines. Also the VPN should authenticate from Windows XP/2000 machines as it is all laptops quite frequently using public WiFi hotspots when traveling to keep in touch.
The big problem is that the directors of the company want all the documents on the server to be encrypted. They also want the link encrypted while they copy to/from the server. They also want the interface to be as simple as possible. The software can encrypt everything on the fly when it uploads to the server, but the user must do the decryption him/herself or at least provide a pass phrase to decrypt it.
Does anyone know of a suite of software which will be able to do what we want to do?
Your suggestions would be appreciated.
Albert
I do not know a specific product for this, but reading the requirements, I think that subversion (svn) will do most of the stuff. You can configure the access to files/directories by users or groups, you can even provide access to it over SSL (using apache module), and web browser as well for reading the repo. There are plenty of clients (for win/linux). Also, for every repository you can setup various scripts to be executed before/post commit, etc., which may help you to encrypt the documents upon upload. The only thing in your requirements which bothers me is that the files have to be encrypted on the fly upon upload, but decrypted by the user after download. This scenario is hard to maintain, there is always a good possibility to double encrypt a file, if a user forgets to decrypt it before submit, etc., but ... with good discipline it will go. Cheers Sunny -- -- Svetoslav Milenov (Sunny)