Dropbox Replacement Restore Files From Encrypted Peer


hypercat

Recommended Posts

I am working on replacing Dropbox by syncing via an encrypted read-only secret to my collocated Mac mini server.

 

The encrypted read-only secret keeps the files and filenames encrypted on the collocated Mac mini, protecting the synced data from rogue server admins.

 

The sync folder on the Mac mini server is backed up using Crashplan. Crashplan also provides version histories for each file.

 

So far, so good...

 

The problem I am having is figuring out how to restore a file from the Mac mini server back to all of the synced folders.

 

The only solution I have come up with so far is:

 

1.) pause syncing from all peers

 

2.) use Crashplan to restore the entire synced folder back to some previous date/state

 

3.) create a new read-only peer to receive the decrypted files from the Mac mini server

 

4.) copy the file(s) to be restored from the new read-only peer to one of the read-write peers

 

5.) remove the read-only peer used for the restore in step 3

 

6.) resume syncing on all peers

 

This works but has several issues:

 

1.) the encrypted file names on the Mac mini server prevent me from seeing the exact file(s) I want to restore, so I am forced to restore all files back to the desired restore date

 

2.) this solution works only if I have access and control of all read-write peers since I must first pause syncing on all peers during the restore procedure

 

Does anyone have an alternative solution?


For those interested in testing this out, you can create an encrypted read-only secret without using the BTSync API as outlined in:

 

http://forum.bittorrent.com/topic/25823-generate-encrypted-read-only-secret-without-api-key/

 

From the BTSync API docs:

 

"The Encryption Secret is new functionality. This is a secret for a read-only peer with encrypted content (the peer can sync files but can not see their content). One example use is if a user wanted to backup files to an untrusted, unsecure, or public location. This is set to disabled by default for all users but included in the API."
 
Link to comment
Share on other sites

An alternative that I have been working on uses Viivo to encrypt the files destined for the Mac mini server and uses Bittorrent Sync to sync the Viivo-Encrypted folder to the Mac mini server.

 

Viivo encrypts the file contents but not the file names. So it's less secure, but I can identify the specific file(s) I want to restore.

 

Using Viivo I do not need to pause syncing on all peers. I can simply remove or pause syncing on the Mac mini server and restore the Viivo encrypted file using Crashplan.

 

Then I can copy the restored Viivo encrypted file back to a local machine and use Viivo to decrypt the restored file on the local machine.

 

It would be nice to see a function to decrypt files encrypted with the BTSync encryption secret added to the BTSync API.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.