Encrypt Files Using Viivo Before Syncing


Recommended Posts

I am working on a project to securely sync several folders to multiple Mac Mini servers as well as my MacBook Air and my desktop machine.


The Mac Mini servers will provide backup and versioning of the synced folder data.


I trust Bittorrent Sync to keep my data safe during transport.


However, I don't trust the colocation personnel who have physical access to my Mac Mini servers.


I would like the synced folders to be encrypted on the Mac Mini servers and decrypted only on my MacBook Air and my desktop machine.


So I have set up Viivo (viivo.com) to encrypt files in the /Users/username/Viivo folder to the /Users/username/Viivo-Encrypted folder.


And I have set up Bittorrent Sync to sync the encrypted /Users/username/Viivo-Encrypted folder.


Everything is working perfectly, EXCEPT Bittorrent Sync is creating temporary files with a ".!sync" extension while it is syncing the new/changed file.


This causes Viivo to see and decrypt the temporary file and place the decrypted file into the /Users/username/Viivo folder.


This leads to a infinite loop of temporary files being added to the /Users/username/Viivo folder with file extensions of ".viivo.!sync", ".viivo.!sync.viivo.!sync", and so on.


The solution to this problem would be for Bittorrent Sync to not store temporary files inside the sync folders.


Has anyone else worked on adding encryption to files before syncing with Bittorrent Sync?

Link to comment
Share on other sites

Thanks to jtroth for pointing out that the BTSync API has an encryption secret that can be used to keep the synced files encrypted on a recipient's computer.


From the BTSync API docs:

"The Encryption Secret is new functionality. This is a secret for a read-only peer with encrypted content (the peer can sync files but can not see their content). One example use is if a user wanted to backup files to an untrusted, unsecure, or public location. This is set to disabled by default for all users but included in the API."



This solves the problem of syncing folders to a collocated server where one wants to keep the synced folders from being readable by collocation admins.


I have been successful is using Viivo to implement this functionality by syncing the Viivo encrypted files to my collocated server. As long as I don't enable Viivo on the collocated server, the encrypted files remain synced without the .viivo.!sync file extension problem as described in my initial post above.


I still would really like to see the ability of a 3rd party (non-BT) encryption tool to encrypt/decrypt files as well. For this to work BTSync needs to stop creating temporary files inside the synced folders.

Link to comment
Share on other sites

Thanks to jtroth I am now using an encrypted read-only secret to sync to my collocated server.


This not only keeps the contents of the files encrypted but also encrypts the file names as well.




And there is a way to generate the encrypted read-only secret without using the API calls:


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.