How do I access an encrypted SSD through Samba/Dolphin?

Hi there!

I’m running Manjaro KDE 20.2 on both my desktop and laptop (Dell XPS 15 9570).

My desktop has three SSDs: a 500GB boot/os, and two 1TB SSDs for media and games, respectively.

All three SSDs are gpt ext4 and encrypted with LUKs. I have the 1TBs set to auto mount on boot, at which point they ask me for their individual passwords to decrypt them. This all works fine, and lets me (theoretically) easily move the SSDs from PC to PC whilst keeping them encrypted.

I want to be able to access the media and games SSDs through samba on my laptop while they are mounted to my desktop. I’m able to access home from my laptop fine as far as I can tell (through I’ll admit samba has been a pain for me since switching to linux a few years ago), but I run into an issue where I’m asked for a password to access the mounted SSDs.

Desktop and laptop samba passwords don’t work, nor do root passwords, or LUKs passwords. I didn’t think they would, but it was nice to be hopeful and try first.

I’d say I’m mediocre at hunting through the manjaro and arch wikis (amongst other sources) to figure stuff out myself, but thus far I feel like I’ve done fairly well for myself, and feel embarrassingly stuck on this.

Any help would be greatly appreciated.

Thank you kindly!

You cannot - at least I don’t think you can - encryption is usually to ensure data is safe and making them available through a network share is not safe.

If you absolutely must - in a controlled environment - and as you state - both systems run Manjaro - I suggest you use NFS and static IP addressing inside your controlled network.

You can get an idea on how to achieve this by reading reading this topic

You could try to share the mount point…
The share should not be different as any other directory you share, because your desktop is doing the encryption…

Encrypted partitions are used to encrypt the data on the hard disk, it’s not to restrict access to it by the user.
So if the user decides to share the data un-encrypted via the network it’s his own choice :wink:

I know that - I can even respect the decision - but, it kind of defeats the purpose of encryption - but as you say it is a user choice - and sharing it using NFS would be easier than the pain of samba.

I completely agree with your choice of NFS ofcourse :wink:
But who knows maybe he has dual-boot on his laptop to play M$ games, and want to access the game files over the network…

Now that i think of it, didn’t M$ have posibility to use NFS also?

Only professional or enterprise - never home editions

I greatly appreciate the responses, folks. Thank you!

I’ve read the how-to for NFS sharing previously and will most likely move to doing such for these two SSDs after attempting the suggesting to share the mount point. It is more in line in terms of the functionally I want anyways.

My original reason for not going the NFS route first was due to there being a third, W10 PC in the mix of our home network. Sadly, I cannot convince my spouse to make the switch from their W10/iphone combo, and since my personal desktop also functions as our shared storage…

We’re only running into this issue now because I switched from a single SSD to multple SSDs for specific purposes. :upside_down_face:

Thank you again, folks! I’ll post an update on how it goes when I get the chance. :slightly_smiling_face:

Sharing the mount points was the simple solution I was over looking (and looking) for. I really appreciate the help from both of you! :grinning:

The one side effect of using this method I have noticed is that, once the share is accessed over the network, the SSDs can’t be unmounted without fist disabling smb.service on my desktop. Ultimately, that’s just a blip on the annoyance radar.

Any links pointing to the share disconnect correctly when the SSDs are unmounted from the desktop, and they don’t work until the desktop unlocks them on boot-up.

Once again, thank you kindly!

I’ll have to experiment with NFS on something else!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.