File encryption

Hi, I would like to encrypt some files I have on my pcs.
The intention is to encrypt backup otp codes, curriculums, purchases; personal documents in general. The content should add up to just a handful of MBs.

My current setup is made of a sync node which leverages nextcloud webdav access, my phone and my workstation.

Ideally, I would like to be able to have the files encrypted on every storage, and then be able to decrypt them just for their use. Something like a virtual file system would be fantastic.

I’ve read about pgp, but I’m not 100% sure it is the best solution. Are there any “universally” accepted alternatives?

If pgp is the right way to go, how should I manage access to the files? Should I use a keypair for every end-device and encrypt the files with both pubkeys or not?

Pardon me for all these questions, but I’m a bit confused.

@multiplespaghetti
link
fedilink
42 anni

Solution 1: Create a veracrypt container and put your files in there. Then you can do whatever you want with that file, copy, upload to cloud etc.

Solution 2: use rclone to sync and encrypt a local directory.

Solution 3: EncFS

@clockwise_bit
creator
link
fedilink
12 anni

I already fiddled with container files. I tried with EDS lite from f-droid and cryptsetup on pc.
Files are certainly encrypted, but I am limited by the fact that I need to share a size-fixed container every time instead of just syncing the single file that was changed.

About using rclone, I already use it to setup a device from scratch, as nextcloud is a bit slower while transfering 100GB of files through webdav.

@BlackCentipede
link
fedilink
1
edit-2
un anno

deleted by creator

@ksynwa
link
fedilink
22 anni

I don’t know what solution would be best for you but

Should I use a keypair for every end-device

I think the best way to use PGP is that one key-pair should map to one person and then you can copy your keys to whichever devices you want to.


If it is something you are not going to be constantly updating, then encrypting with PGP is a good option because it is fairly universal (I use it on Linux and Android pretty seamlessly to manage passwords). If it is something that will need to be regularly updated then I am not sure.

@clockwise_bit
creator
link
fedilink
12 anni

Thanks for clarifying about the best setup for the keys! I didn’t find anything online, I probably used the wrong keywords.

The files would be updated frequently, as the are use to keep track of bookmarks, accounting and so on. On a normal basis, I would edit the accounting file maybe 2 to 3 times a day, not so much honestly. The heavy payload would be the notes. I regularly edit those files through the day to brainstorm, track todos… If I would have to guess, I’d say I update them 20 times a day.
Would this be too much for pgp?

@ajz
link
fedilink
3
edit-2
2 mesi

deleted by creator

@clockwise_bit
creator
link
fedilink
2
edit-2
2 anni

I almost forgot. In theory what I need is to encrypt single files, one by one.

I like to keep things tidy and maniacally organized, so I have a folder for bookmarks which are stored in a plaintext file, a folder for my accounting ledger which is stored in plaintext, a folder for org-mode notes and so on.
I tought that encrypting file by file was the best solution here.

@clockwise_bit
creator
link
fedilink
22 anni

A general disk encryption is already in place on the server and on the workstation, thanks to luks. While this is a good recommendation, I think it’s not what I’m looking for.
Thanks for your contribution anyway! I feel like I should have added more details, but I was on the verge of falling asleep and I admittedly sped up things a bit.

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 19 users / day
  • 36 users / week
  • 139 users / month
  • 528 users / 6 months
  • 4.91K subscribers
  • 2.43K Posts
  • 11.9K Comments
  • Modlog