Figuring out a good path to security for your cloud data can be quite a challenge. Normally, the cloud is a very safe place for data, despite Fear, Uncertainty and Doubt (FUD) from those who might want to access their data everywhere anytime. But the security is a very problem so we need to use some tools or methods in other to prevent the risks. This is why you can use some tools like cryptomator to encrypt your data files.
How does cryptomator work?
Cryptomatoris a multi-platform transparent client-side encryption of your files in the cloud which works with Dropbox, Google Drive, OneDrive and any other cloud storage service which synchronizes with a local directory. It uses a passphrase to protect against brute-force attacks and the Advanced Encryption Standard (AES) method to encrypt your cloud data.
Cryptomator saves your data in a virtual drive called vaults which will be encrypted and secured with a passphrase. You can store these vaults on your local hard drive or cloud folder. When you create a vault, a master key is created into the vault folder. This key will help you to import the vault if you use another computer to synchronize your cloud data.
You can download cryptomator from their official download page. Deb , rpm and aur packages are available for Debian, Ubuntu, Redhat, CentOS and Arch Linux is available for download. This article we are using PPA on Debian 9 to show installation steps.
# add-apt-repository ppa:sebastian-stenzel/cryptomator Cryptomator provides free client-side AES encryption for your cloud files. Create encrypted vaults, which get mounted as virtual volumes. Whatever you save on one of these volumes will end up encrypted inside your vault. https://cryptomator.org/ More info: https://launchpad.net/~sebastian-stenzel/+archive/ubuntu/cryptomator Press [ENTER] to continue or ctrl-c to cancel adding it
Now you can update and install it
# apt update && apt install cryptomator Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease Hit:2 http://cm.archive.ubuntu.com/ubuntu xenial InRelease ............. ............. The following additional packages will be installed: ca-certificates-java fonts-dejavu-extra java-common libopenjfx-java libopenjfx-jni openjdk-8-jre openjdk-8-jre-headless openjfx Suggested packages: default-jre icedtea-8-plugin fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei fonts-indic The following NEW packages will be installed: ca-certificates-java cryptomator fonts-dejavu-extra java-common libopenjfx-java libopenjfx-jni openjdk-8-jre openjdk-8-jre-headless openjfx
2) Encrypt your cloud files
To encrypt your files, launch cryptomator
You can create the vault into your cloud folder. In my case, it we will be dropbox. So, you will choose your cloud folder and enter the name of the vault
Then save the vault and enter a password to protect your vault
When you protect the vault, you need to enter the password you provided in order to access it and edit your files to encrypt
This will automatically open your vault but you will contend that the path of the vault is no longer the same as the one you created earlier. This is because cryptomator creates a virtual drive to protect the files presents into the vault with another path only accessible via the application and not directly via the GUI.
We can copy the files to encrypt. During the operation you have something like below with cryptomator
Now if we try to open the folder created into our cloud folder, you will not see the content because it is protected.
You can open the web page of your cloud application to check the content of your encrypted folder which is synchronized with your computer
So you can see that your files are not visible so it is protected. So, to access your files, you will need to launch cryptomator and unlock the vault.
3) Access your encrypted files from another computer
Now that you have secured your file, you need cryptomator in order to access the different files. So how can you access your files if you don't have your computer with cryptomator installed? Don't worry, you just need to install cryptomator, the cloud desktop application (dropbox in my case) to synchronize the file on the new computer. Now open cryptomator and choose open an existing vault
Now go to the synchronized cloud folder and choose the master key of the vault folder.
Now you can open the vault by entering the passphrase you use for the encryption
Now you can access your files. You can see that the virtual drive is mount
To permanently delete vaults from your system, you should go to the vault location in your file browser, so the cloud folder in our case and delete the folder that contains the masterkey.cryptomator file.
You can use Cryptomator to easily protect your cloud data. You can create as many vaults as you want, each having individual passwords. Note that you can't close cryptomator while a vault is unlocked. If you try to close the application while a vault is unlocked, the app is minimized.