1

I have a file system mounted on /srv, that is unencrypted. This is perfectly fine; the local systems are trusted.

However, I want to perform backups with Jottacloud, which does not support encryption. Is there any reverse encryption file systems, that I can use to get a on-the-fly encrypted version of my normal filesystem mounted somewhere else on the system, that can be backed up?

For performance reasons, I would prefer not to encrypt the base file system, as this contains 8TiB of data, although this is a solution if I find no other.

I would prefer the file names to be encrypted as well, but this is not a requirement.

This is currently on 16.04, but answers does not have to be for this particular version.

vidarlo
  • 22,691
  • Is this for full backup once in a great while, or for frequent (incremental) backup? If full backup once in a great while, you can make an encrypted image with some tool, for example gpg. But it will be slow. Otherwise, maybe Duplicity according to this link, How to do rsync-like encrypted backup? – sudodus Apr 11 '18 at 07:22
  • @sudodus Continuous sync. Besides, encrypting a copy means storing twice the amount :\ For 8TiB that's a major PITA for me. – vidarlo Apr 11 '18 at 07:25
  • I edited the first comment after I found what I think is a useful link. I searched the internet with the search string encrypted backup linux, and you may find other useful links that way :-) – sudodus Apr 11 '18 at 07:30
  • I'm aware of duplicity. It's however not the solution. Jotta's client mirrors a directory. This is why I would like to present it with a filesystem-like mounted resource, which is encrypted, that it can mirror... :) – vidarlo Apr 11 '18 at 07:31
  • Have you considered 'encrypted home' with ecryptfs, or in general ecryptfs systems? It encrypts both the name and content of each file. – sudodus Apr 11 '18 at 07:54
  • Yes. But this would have some impact for local access to files, and it would mean moving all the files. I'd like to avoid this. – vidarlo Apr 11 '18 at 07:55
  • Let us continue this discussion in chat. – sudodus Apr 11 '18 at 08:03

1 Answers1

2

You may want to take a look at EncFS. It's especially useful to encrypt files stored in the cloud because it can encrypt files or folders. It's fast too. Here's a GUI for EncFS if you need it.

Edit:

According to an audit that dates back to 2014, EncFS "is not safe if the adversary has the opportunity to see two or more snapshots of the ciphertext at different times. EncFS attempts to protect files from malicious modification, but there are serious problems with this feature."

I couldn't find any information if the issues presented in the audit have since been fixed.

It looks like Cryptomator is considered more secure, and like EncFS, it too offers client side encryption (some more details about Cryptomator here).

Logix
  • 2,230