Hi, I would like to encrypt some files I have on my PCs.
The intention is to encrypt backup OTP codes, curriculums, purchases; personal documents in general. The content should add up to just a handful of MBs.

My current setup is made of a sync node which leverages Nextcloud WebDAV access, my phone and my workstation.

Ideally, I would like to be able to have the files encrypted on every storage, and then be able to decrypt them just for their use. Something like a virtual file system would be fantastic.

I’ve read about PGP, but I’m not 100% sure it is the best solution. Are there any “universally” accepted alternatives?

If PGP is the right way to go, how should I manage access to the files? Should I use a keypair for every end-device and encrypt the files with both pubkeys or not?

Pardon me for all these questions, but I’m a bit confused.

  • multiplespaghetti
    4 years ago

    Solution 1: Create a veracrypt container and put your files in there. Then you can do whatever you want with that file, copy, upload to cloud etc.

    Solution 2: use rclone to sync and encrypt a local directory.

    Solution 3: EncFS

    • clockwise_bitOP
      4 years ago

      I already fiddled with container files. I tried with EDS Lite from F-Droid and cryptsetup on PC.
      Files are certainly encrypted, but I am limited by the fact that I need to share a size-fixed container every time instead of just syncing the single file that was changed.

      About using rclone, I already use it to set up a device from scratch, as Nextcloud is a bit slower while transferring 100GB of files through WebDAV.

    • clockwise_bitOP
      4 years ago

      I almost forgot. In theory what I need is to encrypt single files, one by one.

      I like to keep things tidy and maniacally organized, so I have a folder for bookmarks which are stored in a plaintext file, a folder for my accounting ledger which is stored in plaintext, a folder for org-mode notes and so on.
      I thought that encrypting file by file was the best solution here.

    • clockwise_bitOP
      4 years ago

      A general disk encryption is already in place on the server and on the workstation, thanks to LUKS. While this is a good recommendation, I think it’s not what I’m looking for.
      Thanks for your contribution anyway! I feel like I should have added more details, but I was on the verge of falling asleep and I admittedly sped up things a bit.

  • ksynwa
    4 years ago

    I don’t know what solution would be best for you but

    > Should I use a keypair for every end-device

    I think the best way to use PGP is that one key-pair should map to one person and then you can copy your keys to whichever devices you want to.


    If it is something you are not going to be constantly updating, then encrypting with PGP is a good option because it is fairly universal (I use it on Linux and Android pretty seamlessly to manage passwords). If it is something that will need to be regularly updated then I am not sure.

    • clockwise_bitOP
      4 years ago

      Thanks for clarifying about the best setup for the keys! I didn’t find anything online, I probably used the wrong keywords.

      The files would be updated frequently, as they are used to keep track of bookmarks, accounting and so on. On a normal basis, I would edit the accounting file maybe 2 to 3 times a day, not so much honestly. The heavy payload would be the notes. I regularly edit those files through the day to brainstorm, track todos… If I had to guess, I’d say I update them 20 times a day.
      Would this be too much for PGP?
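
Added example, not part of the thread: a shell function for the file-by-file approach discussed above, which encrypts only the files that changed since the last run into a mirror directory that the sync client uploads. The function name `encrypt_changed`, the directory paths and the key IDs are placeholders; passing more than one key ID encrypts each file to every listed public key.

```shell
# Encrypt every changed file under SRC to the given OpenPGP recipients and
# write the ciphertext to the same relative path under DST with a .gpg suffix.
# Only DST should sit inside the synced folder; SRC stays local.
# Usage (placeholder paths and key IDs):
#   encrypt_changed ~/private ~/Nextcloud/vault KEYID_WORKSTATION KEYID_PHONE
# Prints the relative path of each file that was (re-)encrypted.
encrypt_changed() {
    [ "$#" -ge 3 ] || { echo "usage: encrypt_changed SRC DST KEY..." >&2; return 2; }
    src=${1%/}; dst=${2%/}; shift 2
    [ -d "$src" ] || { echo "no such directory: $src" >&2; return 2; }

    # Turn "KEY1 KEY2" into "--recipient KEY1 --recipient KEY2" without
    # word-splitting: append the options, then drop the original key list.
    n=$#
    for key in "$@"; do set -- "$@" --recipient "$key"; done
    shift "$n"

    find "$src" -type f | while IFS= read -r f; do
        rel=${f#"$src"/}
        out=$dst/$rel.gpg

        # Skip files whose ciphertext is at least as new as the plaintext,
        # so an unchanged file is never re-uploaded by the sync client.
        if [ -e "$out" ] && [ ! "$f" -nt "$out" ]; then
            continue
        fi

        mkdir -p "$(dirname "$out")"
        # Write to a temporary name and rename on success, so a failed run
        # never leaves a truncated .gpg file to be synced.
        # In --batch mode gpg refuses recipients whose keys are not trusted
        # in the local keyring.
        gpg --batch --yes "$@" --output "$out.tmp" --encrypt -- "$f" &&
            mv "$out.tmp" "$out" &&
            printf '%s\n' "$rel"
    done
}
```

File contents are protected this way, but file names, directory layout and approximate sizes remain visible on the sync server.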