Automatic Coding Posted November 7, 2013 Report Share Posted November 7, 2013 Questions about the encrypted client:-1. Does it encrypt the file names too? Or just the data?2. Does it keep the directory structure the same? Or, is it completely incoherent data to anyone looking at it? Questions about the protocol:-I read that (Quote below) all non-encrypted clients now need to do everything twice as to have two copies, one for 'encrypted' nodes and one for 'normal' nodes, wouldn't it just be more logical to do it all once, then, at the receiving end of any 'normal' nodes just decrypt it? I presume you're already encrypting once for network transmissions, and, then, once for the encrypted nodes. Quote:-Explanation how this works. 1. You add the folder and generate RW/RO and backup key;2. New RO key will have a special key to decrypt data (this is why the new RO key is longer)3. Since RO and RW nodes needs to encrypt data for backup node - there will be two indexing data sets for RO and backup nodes. On ARM devices (NAS) and phones it could 2-3x slow down indexing. Questions about the API:-Is API access a 'rare' thing? I'd love to get access, however, it seems to be a manual thing. Is it something that 'everyone is accepted to'? Or, just the 'elite few'? Thanks,Automatic. Quote Link to comment Share on other sites More sharing options...
Automatic Coding Posted November 8, 2013 Author Report Share Posted November 8, 2013 Well, I just got this email:- So, I'll spend the time answering my own questions for anyone wondering:- 1. Does it encrypt the file names too? Or just the data? Identical directories:- Encrypted:-[root@btsynctest encrypt]# ls -latotal 10264drwxr-xr-x 4 root root 4096 Nov 8 06:36 .drwxr-x--- 5 root root 4096 Nov 8 06:32 ..drwxr-xr-x 2 root root 4096 Nov 8 06:32 .SyncArchive-rw-r--r-- 1 root root 20 Nov 8 06:32 .SyncID-rw-r--r-- 1 root root 296 Nov 8 06:32 .SyncIgnoredrwxr-xr-x 2 root root 4096 Nov 8 06:36 G3ZV62EUALJE3RULHVCAGJMKJ7FYOYFJVG6QPIY-rw-r--r-- 1 root root 10485760 Nov 8 00:23 RSKTNORKOWKFWW3PFTXNHYTV56VUYX5ANCZ4LHQPlaintext:-root@Tower:/tmp/test# ls -latotal 10252drwxrwxrwx 4 root root 0 2013-11-08 06:33 ./drwxrwxrwt 18 root root 0 2013-11-08 05:24 ../drwxr-xr-x 2 root root 0 2013-11-07 22:58 .SyncArchive/-rw-rw-rw- 1 root root 20 2013-11-08 06:25 .SyncID-rw-r--r-- 1 root root 783 2013-11-07 22:58 .SyncIgnoredrwxr-xr-x 2 root root 0 2013-11-08 06:33 Test/-rw-rw-rw- 1 root root 10485760 2013-11-08 00:23 file.ext2. Does it keep the directory structure the same? Or, is it completely incoherent data to anyone looking at it? Exact same. As for everything else, no idea. Quote Link to comment Share on other sites More sharing options...
TheDurtch Posted November 8, 2013 Report Share Posted November 8, 2013 The one thing I am wondering is will we non-API folks be able to make encrypted secrets? Quote Link to comment Share on other sites More sharing options...
Automatic Coding Posted November 8, 2013 Author Report Share Posted November 8, 2013 The one thing I am wondering is will we non-API folks be able to make encrypted secrets? At the moment, doesn't seem so. It's worth registering an API key just for this (Assuming it's public, not sure, maybe I'm special ), you never technically need to use it again, just register the API key with the application (in your configuration file) then go here:- $domain/api?method=get_secrets&type=encryption And it'll return something like:-{ "encryption": "FN242YS7WOCMZS3UKA3P2MJBTWKWSVROC", "read_only": "EN242YS7WOCMZS3UKA3P2MJBTWKWSVROCGQNM5WC4TCDFN457XUC5J3OPAI", "read_write": "DJNGMRD5FZFVIU26QUKO2EUH4WKKAI5OE" }Which formatted is:-{ "encryption": "FN242YS7WOCMZS3UKA3P2MJBTWKWSVROC", "read_only": "EN242YS7WOCMZS3UKA3P2MJBTWKWSVROCGQNM5WC4TCDFN457XUC5J3OPAI", "read_write": "DJNGMRD5FZFVIU26QUKO2EUH4WKKAI5OE"}As from there, everything is just UI based. Add the keys normally (Encryption/read_only/read_write) and it'll just 'work', magic! Never need to touch the API again, unless you want another set, in which case, just go back to the URL and tuh-duh. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.