[Sussex] Dropbox like system

[Steve Dobson]

Hi Chris and welcome

On 05/12/12 09:17, Chris Edmunds wrote:
> I did something like this recently (albeit on a single user basis) using
> owncloud / s3 / encfs / my home NAS. Owncloud has multiple sync clients
> (win/mac/linux), the ability to mount multiple storage points (nas, s3,
> gdrive, dropbox) and the source is available.
> 
> "Just set up a secure connection between the server and the client to
> secure the data during transmission.  VPN software is the way to go here"
> 
> It's been a while since I set up my instance of owncloud, but it uses a
> web service to transfer data, so SSL can be used to protect the session
> rather than setting up a VPN (although I did manage to get it working
> with OpenVPN).  Even an SSH tunnel would simpler IMHO.

SSH / OpenVPN are the same thing in this context.  Both secure the data
for transmission across an untrusted network.  SSH may well be the
better solution because its connection tend toward the ad-hoc/short
duration type.  OpenVPN would be better if you want a permanent secure
connection to the remote server.

> "If the server is located in a safe place (your home)"
> 
> This of course assumes that you're comfortable with the risk of
> compromise via burglary.

True.  But if you really want to secure your data then employ an armed
guard outside with orders to shot to kill - the army do this all the
time with their really, really important data.

> "If the server is not trustworthy then you will need do
> encryption/decryption client side only.  The server just stores the
> encrypted data it is sent."
> 
> If you can mount the remote server as a filesystem (a la s3 via s3fs)
> then encfs works reasonably well as client from my limited testing.

I can see that encfs would be good on a laptop, but if mounted remotely
wouldn't the transmission be unencrypted?  It looks to me like you would
still need a VPN link to keep the transmission secure.

Steve

-- 
Steve "Dobbo" Dobson