So, I want to encrypt my files with Cryptomater before they go to my cloud based backup service. Lets say I use Dropbox.

So I know I create a Cryptomater vault and give the location as a folder in Dropbox.

I can’t see that Vault until I open it in Cryptomater, right? This means I can’t add anything to that Vault unless its open on my machine. As its open, I’m assuming that the data I’m adding is unencrypted until I close the Vault?

Lets say I add a plain text file to an open Vault.

So, at what point does Dropbox upload that file? Is it the minute its added to the Dropbox environment? Because that would mean its unencrypted.

Or is it not uploaded until the moment the Cryptomater vault is closed? Because that would mean I’d either have to leave the Vault open the entire time I was on my device and possibly have to do one (potentially) big upload at the end of the day maybe or keep opening and closing the Vault every time I wanted to work with the Vault (edit an existing document, add a new one, delete one etc).

Or have I misunderstood the process? I hope so because it either sounds not very secure or not very usable.

  • cyrano@lemmy.dbzer0.com
    3·
    7 hours ago

    It should similar to rclone crypt https://rclone.org/crypt/

    Accessing a storage system through a crypt remote realizes client-side encryption, which makes it safe to keep your data in a location you do not trust will not get compromised. When working against the crypt remote, rclone will automatically encrypt (before uploading) and decrypt (after downloading) on your local system as needed on the fly, leaving the data encrypted at rest in the wrapped remote. If you access the storage system using an application other than rclone, or access the wrapped remote directly using rclone, there will not be any encryption/decryption: Downloading existing content will just give you the encrypted (scrambled) format, and anything you upload will not become encrypted.