-
-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Selectively encrypt files/folders #375
Comments
Selective encryption is currently only possible based on mount points (of external storage). That means that you could separately encrypt all mount points that are created with files_external app. |
cc @schiessle |
@MorrisJobke @schiessle As a workaround, that is something that could work in the short term if there are only a few folders that need the "special treatment". |
Why then not just encrypt everything? To be on the safe side. Because per directory settings will get messy. |
Encrypting everything will involve encrypting multiple gigabytes of non-sensitive data, that I must hold for archival purposes and the overheads with dealing with not only the encryption of the data but also managing keys, transferring files once the temp workers leave. There is also a matter of scale. I would need to encrypt multiple gigabytes of non-sensitive data to protect a couple of hundred megabytes of sensitive data. |
I am not sure if my issue fits the topic but in my case I would like to encrypt an external source like Google Drive but not everything else, so I can maintain my data security even though using external storage space. |
I 'd also be glad to have that feature. I have several Folders on the root-Level of my Cloud and I'd like to enable encryption, but there is one folder that has to stay unencrypted. |
That's possible. In the encryption section of your admin settings you can exclude the home storage from encryption. This means that all local files in data/user/files will not be encrypted. Then you can configure in the external storage settings your external storage (e.g. your gdrive) to be encrypted. We will not provide a general per-folder encryption. Why this sounds convenient at first sight. This creates a lot of problems. E.g. think about moving a large file or a folder with many (large) files from a encrypted folder to a non-encrypted folder, or the other way around. This could take extremely long, because we would need to encrypt/decrypt every file, your server could run into timeouts, etc. |
@schiessle Couldn't we be able to create - in the future - some encrypted (password protected) zip files and then, be able to decrypt them with this kind of stuff https://github.com/defuse/php-encryption and this class? |
I'm also interested in this feature. I want it so bad that I think about trying to implement it on my own based on encfs. Would it make sense to implement this functionality as an app for nextcloud? |
Hello, Any news of this feature ? Because e2ee not ready to production, and i don't want to encrypt all my data, just a subset. |
Hi. It is not exactly selective but it is possible to have encrypted and unencrypted files on a nextcloud server. @schiessle already stated how in his post from December 2016, but I will elaborate it a bit more since I did also not get it the first time I read it.
|
From what I know, the server side encryption encrypts all the data on the NC server. I was wondering if there is a way to only encrypt certain folders/files.
Use Case:
The nc instance acts as a general cloud based file share and collaboration tool for my users. Most of the data is internal company documents, not sensitive enough to justify encrypting or the overheads associated with encrypting everything.
However some of the teams/users deal with customer data and hold private information within the documents. I would like these files/folders encrypted as a precaution.
Note: The files are stored on a NAS (external storage).
Is this possible?
The text was updated successfully, but these errors were encountered: