Thursday 6 October 2011

Ecryptfs and Dropbox - a match made in heaven for secure backup

Dropbox is a wonderful service, but there's the problem that they (Dropbox) have a copy of your data, so it is smart to encrypt anything sensitive you store there.

The problem is, of course, that this adds complexity, and get's in the way of one's workflow.

However, I realised yesterday that there's an easy way to do this.

~$ ecryptfs-setup-private
~$ ln -s ~/.Private ~/Dropbox/Private

Note the "." in the first path

Now anything you put into ~/Private will be automatically synced up to Dropbox. Very, very convenient way of doing this IMHO.

These instructions are very, very simplified, and the ecryptfs setup can be done in many other ways than using the setup-private script. Using a common encryption passphrase across your boxes, or not encrypting filenames, or using public/private key for the ecrtyptfs mount all should be investigated.

But the main point here is the symlink idea to the hidden encrypted folder. I don't recall hearing anyone suggest this before.

No comments: