Hi, I would like to encrypt some files I have on my pcs.
The intention is to encrypt backup otp codes, curriculums, purchases; personal documents in general. The content should add up to just a handful of MBs.

My current setup is made of a sync node which leverages nextcloud webdav access, my phone and my workstation.

Ideally, I would like to be able to have the files encrypted on every storage, and then be able to decrypt them just for their use. Something like a virtual file system would be fantastic.

I’ve read about pgp, but I’m not 100% sure it is the best solution. Are there any “universally” accepted alternatives?

If pgp is the right way to go, how should I manage access to the files? Should I use a keypair for every end-device and encrypt the files with both pubkeys or not?

Pardon me for all these questions, but I’m a bit confused.

  • @multiplespaghetti
    link
    44 years ago

    Solution 1: Create a veracrypt container and put your files in there. Then you can do whatever you want with that file, copy, upload to cloud etc.

    Solution 2: use rclone to sync and encrypt a local directory.

    Solution 3: EncFS

    • @clockwise_bitOP
      link
      14 years ago

      I already fiddled with container files. I tried with EDS lite from f-droid and cryptsetup on pc.
      Files are certainly encrypted, but I am limited by the fact that I need to share a size-fixed container every time instead of just syncing the single file that was changed.

      About using rclone, I already use it to setup a device from scratch, as nextcloud is a bit slower while transfering 100GB of files through webdav.

  • @ajz
    link
    3
    edit-2
    2 years ago

    deleted by creator

    • @clockwise_bitOP
      link
      2
      edit-2
      4 years ago

      I almost forgot. In theory what I need is to encrypt single files, one by one.

      I like to keep things tidy and maniacally organized, so I have a folder for bookmarks which are stored in a plaintext file, a folder for my accounting ledger which is stored in plaintext, a folder for org-mode notes and so on.
      I tought that encrypting file by file was the best solution here.

    • @clockwise_bitOP
      link
      24 years ago

      A general disk encryption is already in place on the server and on the workstation, thanks to luks. While this is a good recommendation, I think it’s not what I’m looking for.
      Thanks for your contribution anyway! I feel like I should have added more details, but I was on the verge of falling asleep and I admittedly sped up things a bit.

  • @ksynwa
    link
    24 years ago

    I don’t know what solution would be best for you but

    Should I use a keypair for every end-device

    I think the best way to use PGP is that one key-pair should map to one person and then you can copy your keys to whichever devices you want to.


    If it is something you are not going to be constantly updating, then encrypting with PGP is a good option because it is fairly universal (I use it on Linux and Android pretty seamlessly to manage passwords). If it is something that will need to be regularly updated then I am not sure.

    • @clockwise_bitOP
      link
      14 years ago

      Thanks for clarifying about the best setup for the keys! I didn’t find anything online, I probably used the wrong keywords.

      The files would be updated frequently, as the are use to keep track of bookmarks, accounting and so on. On a normal basis, I would edit the accounting file maybe 2 to 3 times a day, not so much honestly. The heavy payload would be the notes. I regularly edit those files through the day to brainstorm, track todos… If I would have to guess, I’d say I update them 20 times a day.
      Would this be too much for pgp?