home.social

#gocryptfs — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gocryptfs, aggregated by home.social.

  1. So, endlich mal gocryptfs auf dem vServer eingerichtet und die Grimmory-Bibliothek in den Mount verschoben. Morgen noch die Pfade zu den Büchern in der MariaDB anpassen.

    #gocryptfs #Grimmory #Booklore
  2. 💥💥💥I give up‼️ 🫷🫷🫷
    Adding #Gocryptfs support to @backintime codebase is torture. 😭😭😭

    🚀I decided to rewrite the whole mounting logic.

    👉github.com/bit-team/backintime

    #foss #opensource #backup

  3. 💥💥💥I give up‼️ 🫷🫷🫷
    Adding support to @backintime codebase is torture. 😭😭😭

    🚀I decided to rewrite the whole mounting logic.

    👉github.com/bit-team/backintime

  4. 💥💥💥I give up‼️ 🫷🫷🫷
    Adding #Gocryptfs support to @backintime codebase is torture. 😭😭😭

    🚀I decided to rewrite the whole mounting logic.

    👉github.com/bit-team/backintime

    #foss #opensource #backup

  5. 💥💥💥I give up‼️ 🫷🫷🫷
    Adding #Gocryptfs support to @backintime codebase is torture. 😭😭😭

    🚀I decided to rewrite the whole mounting logic.

    👉github.com/bit-team/backintime

    #foss #opensource #backup

  6. 💥💥💥I give up‼️ 🫷🫷🫷
    Adding #Gocryptfs support to @backintime codebase is torture. 😭😭😭

    🚀I decided to rewrite the whole mounting logic.

    👉github.com/bit-team/backintime

    #foss #opensource #backup

  7. @Sigma I understand. Without any real documented alternatives and migration paths, changes like this can be expected to trip up people though 🙃

    - #fscrypt only supports some filesystems, setup and migration seem very manual and tedious, no #nixos wiki page or writeups
    - #gocryptfs is FUSE, but also seems tedious, nothing for nixos either
    - #CryFS is totally not designed for homedir encryption (though someome tried but stopped).

  8. @Sigma I understand. Without any real documented alternatives and migration paths, changes like this can be expected to trip up people though 🙃

    - only supports some filesystems, setup and migration seem very manual and tedious, no wiki page or writeups
    - is FUSE, but also seems tedious, nothing for nixos either
    - is totally not designed for homedir encryption (though someome tried but stopped).

  9. @Sigma I understand. Without any real documented alternatives and migration paths, changes like this can be expected to trip up people though 🙃

    - #fscrypt only supports some filesystems, setup and migration seem very manual and tedious, no #nixos wiki page or writeups
    - #gocryptfs is FUSE, but also seems tedious, nothing for nixos either
    - #CryFS is totally not designed for homedir encryption (though someome tried but stopped).

  10. @Sigma I understand. Without any real documented alternatives and migration paths, changes like this can be expected to trip up people though 🙃

    - #fscrypt only supports some filesystems, setup and migration seem very manual and tedious, no #nixos wiki page or writeups
    - #gocryptfs is FUSE, but also seems tedious, nothing for nixos either
    - #CryFS is totally not designed for homedir encryption (though someome tried but stopped).

  11. @Sigma I understand. Without any real documented alternatives and migration paths, changes like this can be expected to trip up people though 🙃

    - #fscrypt only supports some filesystems, setup and migration seem very manual and tedious, no #nixos wiki page or writeups
    - #gocryptfs is FUSE, but also seems tedious, nothing for nixos either
    - #CryFS is totally not designed for homedir encryption (though someome tried but stopped).

  12. 🚀 gocryptfs support merged into Back In Time

    Local backup profiles can now use gocryptfs for encryption instead of the deprecated EncFS.

    Will be included in the upcoming 1.6.0 release within in the next weeks.

    🔗 PR: github.com/bit-team/backintime
    🔗 Issue: github.com/bit-team/backintime

    #backup #foss #opensource #debian #ubuntu #gocryptfs #encfs

  13. 🚀 gocryptfs support merged into Back In Time

    Local backup profiles can now use gocryptfs for encryption instead of the deprecated EncFS.

    Will be included in the upcoming 1.6.0 release within in the next weeks.

    🔗 PR: github.com/bit-team/backintime
    🔗 Issue: github.com/bit-team/backintime

  14. 🚀 gocryptfs support merged into Back In Time

    Local backup profiles can now use gocryptfs for encryption instead of the deprecated EncFS.

    Will be included in the upcoming 1.6.0 release within in the next weeks.

    🔗 PR: github.com/bit-team/backintime
    🔗 Issue: github.com/bit-team/backintime

    #backup #foss #opensource #debian #ubuntu #gocryptfs #encfs

  15. 🚀 gocryptfs support merged into Back In Time

    Local backup profiles can now use gocryptfs for encryption instead of the deprecated EncFS.

    Will be included in the upcoming 1.6.0 release within in the next weeks.

    🔗 PR: github.com/bit-team/backintime
    🔗 Issue: github.com/bit-team/backintime

    #backup #foss #opensource #debian #ubuntu #gocryptfs #encfs

  16. Wow. All the big packages updating on my #Gentoo #Linux box. Been about 20 hours, 165 of 201 completed.

    That's what I get for not updating for about 10 days.

    Oh, and encfs is depreciated and going bye-bye. Luckily I have next weekend off and will have some time to switch all my local backups to #GoCryptFS.

    I need to submit my workbook to the print shop for next #AdultESOL term.

    #CyberSecurity class starts tomorrow.

    International dinner at school in two weeks.

    I'll sleep when I'm dead.

  17. Wow. All the big packages updating on my #Gentoo #Linux box. Been about 20 hours, 165 of 201 completed.

    That's what I get for not updating for about 10 days.

    Oh, and encfs is depreciated and going bye-bye. Luckily I have next weekend off and will have some time to switch all my local backups to #GoCryptFS.

    I need to submit my workbook to the print shop for next #AdultESOL term.

    #CyberSecurity class starts tomorrow.

    International dinner at school in two weeks.

    I'll sleep when I'm dead.

  18. Wow. All the big packages updating on my #Gentoo #Linux box. Been about 20 hours, 165 of 201 completed.

    That's what I get for not updating for about 10 days.

    Oh, and encfs is depreciated and going bye-bye. Luckily I have next weekend off and will have some time to switch all my local backups to #GoCryptFS.

    I need to submit my workbook to the print shop for next #AdultESOL term.

    #CyberSecurity class starts tomorrow.

    International dinner at school in two weeks.

    I'll sleep when I'm dead.

  19. Wow. All the big packages updating on my #Gentoo #Linux box. Been about 20 hours, 165 of 201 completed.

    That's what I get for not updating for about 10 days.

    Oh, and encfs is depreciated and going bye-bye. Luckily I have next weekend off and will have some time to switch all my local backups to #GoCryptFS.

    I need to submit my workbook to the print shop for next #AdultESOL term.

    #CyberSecurity class starts tomorrow.

    International dinner at school in two weeks.

    I'll sleep when I'm dead.

  20. Wow. All the big packages updating on my #Gentoo #Linux box. Been about 20 hours, 165 of 201 completed.

    That's what I get for not updating for about 10 days.

    Oh, and encfs is depreciated and going bye-bye. Luckily I have next weekend off and will have some time to switch all my local backups to #GoCryptFS.

    I need to submit my workbook to the print shop for next #AdultESOL term.

    #CyberSecurity class starts tomorrow.

    International dinner at school in two weeks.

    I'll sleep when I'm dead.

  21. I organized my #storage like this. I think it's quite well thought out. All disks are SED hardware encrypted with TCG OPAL, root @ and @ home subvolumes are on #btrfs (mdadm RAID1), additionally encrypted with #LUKS2. A fast storage for less important local data is on NVMe drives. Data on large SATA drives is encrypted in LUKS images or using a cloud-friendly filesystems (#gocryptfs), quickly synchronized via LAN sync, and efficiently synced with cloud storage using block-level sync.

  22. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  23. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  24. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  25. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  26. (24/N) There are some best practices that will make it easier to answer threat modeling question #3, "What are you going to do about it?". These will help you protect a wide range of assets by taking care of your devices, so let's look at them first:

    1. Encrypt data at rest
    2. Bootstrap your workplace
    3. Actively maintain your devices
    4. Secure your devices
    5. Prepare for repair

    1. Encrypt data at rest

    What can you achieve with intermediate knowledge, without fully descending into the rat hole?

    ⚠️ Caveat: this is best done when setting up #Linux on a new device. Modifying an existing installation on your own IMHO isn't advisable if you're not a seasoned user. If you still decide to venture into it, make SURE you have backed up all your assets, before following "howtos on the internet". You have been warned.

    Likening your device to a medieval city:

    1) Full-Disk Encryption (FDE) is like locking the "city gate". Most popular Linux distributions offer FDE during the installation process. FDE is also your last line of defense when your device gets stolen, or your disk fails and cannot be safely wiped before disposing of it. Use FDE. (Yes, technically, "Full" is not absolutely accurate. We'll leave it at that.)

    2) Within your "city", there will likely be at least two "houses": the home of the admin account, and your personal home. Using FDE alone, the "doors" of these homes won't have any locks of their own. Possibly not a big deal with respect to the administrative account, but admins being able to access any of your non-public assets, even when you're not logged in, is probably not what you want.

    While the specific steps depend on your preferred Linux distro, a "portable" solution is to create a separate, encrypted disk partition, and have it mounted as your user home directory, when you log in. That solution is based on cryptsetup and the pam_mount module, a nice tutorial example is:

    3) Within your "house", you may wish to have a locked "chest", e.g. for your #FYEO assets. There's essentially two options: a) a single, encrypted container file that acts as a "#vault" for your asset files; or b) an encrypted overlay file system that maintains an openly visible directory hosting your encrypted assets, including directory structures, in the background; and allows you to mount a decrypted counterpart, for working on your assets.

    a) A "vault", being a single file, is easy to copy and carry around, on arbitrary storage media, e.g. USB sticks. It doesn't reveal too much about its contents, but resizing it takes a little effort. Also, you can't "incrementally backup" content changes, just copy the whole, changed vault.

    A nice tutorial for creating and using a vault using plain, standard cryptsetup is opensource.com/article/21/4/li by @seth . If you must have a GUI for creating and mounting vaults, look at #zuluCrypt mhogomchungu.github.io/zuluCry – IMHO the app is still in need of a little polish, though.

    b) An encrypted overlay file system allows for incrementally backing up changed assets, but exposes considerable metadata (rough file sizes, directory structures, modification dates).

    The most widely used package for this is probably #gocryptfs. Its "HowTo" is literally a one-pager: nuetzlich.net/gocryptfs/quicks

    Start of this thread:
    mastodon.de/@tuxwise/113503228

    #ThreatModeling #4D

  27. (24/N) There are some best practices that will make it easier to answer threat modeling question #3, "What are you going to do about it?". These will help you protect a wide range of assets by taking care of your devices, so let's look at them first:

    1. Encrypt data at rest
    2. Bootstrap your workplace
    3. Actively maintain your devices
    4. Secure your devices
    5. Prepare for repair

    1. Encrypt data at rest

    What can you achieve with intermediate knowledge, without fully descending into the rat hole?

    ⚠️ Caveat: this is best done when setting up #Linux on a new device. Modifying an existing installation on your own IMHO isn't advisable if you're not a seasoned user. If you still decide to venture into it, make SURE you have backed up all your assets, before following "howtos on the internet". You have been warned.

    Likening your device to a medieval city:

    1) Full-Disk Encryption (FDE) is like locking the "city gate". Most popular Linux distributions offer FDE during the installation process. FDE is also your last line of defense when your device gets stolen, or your disk fails and cannot be safely wiped before disposing of it. Use FDE. (Yes, technically, "Full" is not absolutely accurate. We'll leave it at that.)

    2) Within your "city", there will likely be at least two "houses": the home of the admin account, and your personal home. Using FDE alone, the "doors" of these homes won't have any locks of their own. Possibly not a big deal with respect to the administrative account, but admins being able to access any of your non-public assets, even when you're not logged in, is probably not what you want.

    While the specific steps depend on your preferred Linux distro, a "portable" solution is to create a separate, encrypted disk partition, and have it mounted as your user home directory, when you log in. That solution is based on cryptsetup and the pam_mount module, a nice tutorial example is:

    3) Within your "house", you may wish to have a locked "chest", e.g. for your #FYEO assets. There's essentially two options: a) a single, encrypted container file that acts as a "#vault" for your asset files; or b) an encrypted overlay file system that maintains an openly visible directory hosting your encrypted assets, including directory structures, in the background; and allows you to mount a decrypted counterpart, for working on your assets.

    a) A "vault", being a single file, is easy to copy and carry around, on arbitrary storage media, e.g. USB sticks. It doesn't reveal too much about its contents, but resizing it takes a little effort. Also, you can't "incrementally backup" content changes, just copy the whole, changed vault.

    A nice tutorial for creating and using a vault using plain, standard cryptsetup is opensource.com/article/21/4/li by @seth . If you must have a GUI for creating and mounting vaults, look at #zuluCrypt mhogomchungu.github.io/zuluCry – IMHO the app is still in need of a little polish, though.

    b) An encrypted overlay file system allows for incrementally backing up changed assets, but exposes considerable metadata (rough file sizes, directory structures, modification dates).

    The most widely used package for this is probably #gocryptfs. Its "HowTo" is literally a one-pager: nuetzlich.net/gocryptfs/quicks

    Start of this thread:
    mastodon.de/@tuxwise/113503228

    #ThreatModeling #4D

  28. (24/N) There are some best practices that will make it easier to answer threat modeling question #3, "What are you going to do about it?". These will help you protect a wide range of assets by taking care of your devices, so let's look at them first:

    1. Encrypt data at rest
    2. Bootstrap your workplace
    3. Actively maintain your devices
    4. Secure your devices
    5. Prepare for repair

    1. Encrypt data at rest

    What can you achieve with intermediate knowledge, without fully descending into the rat hole?

    ⚠️ Caveat: this is best done when setting up #Linux on a new device. Modifying an existing installation on your own IMHO isn't advisable if you're not a seasoned user. If you still decide to venture into it, make SURE you have backed up all your assets, before following "howtos on the internet". You have been warned.

    Likening your device to a medieval city:

    1) Full-Disk Encryption (FDE) is like locking the "city gate". Most popular Linux distributions offer FDE during the installation process. FDE is also your last line of defense when your device gets stolen, or your disk fails and cannot be safely wiped before disposing of it. Use FDE. (Yes, technically, "Full" is not absolutely accurate. We'll leave it at that.)

    2) Within your "city", there will likely be at least two "houses": the home of the admin account, and your personal home. Using FDE alone, the "doors" of these homes won't have any locks of their own. Possibly not a big deal with respect to the administrative account, but admins being able to access any of your non-public assets, even when you're not logged in, is probably not what you want.

    While the specific steps depend on your preferred Linux distro, a "portable" solution is to create a separate, encrypted disk partition, and have it mounted as your user home directory, when you log in. That solution is based on cryptsetup and the pam_mount module, a nice tutorial example is:

    3) Within your "house", you may wish to have a locked "chest", e.g. for your #FYEO assets. There's essentially two options: a) a single, encrypted container file that acts as a "#vault" for your asset files; or b) an encrypted overlay file system that maintains an openly visible directory hosting your encrypted assets, including directory structures, in the background; and allows you to mount a decrypted counterpart, for working on your assets.

    a) A "vault", being a single file, is easy to copy and carry around, on arbitrary storage media, e.g. USB sticks. It doesn't reveal too much about its contents, but resizing it takes a little effort. Also, you can't "incrementally backup" content changes, just copy the whole, changed vault.

    A nice tutorial for creating and using a vault using plain, standard cryptsetup is opensource.com/article/21/4/li by @seth . If you must have a GUI for creating and mounting vaults, look at #zuluCrypt mhogomchungu.github.io/zuluCry – IMHO the app is still in need of a little polish, though.

    b) An encrypted overlay file system allows for incrementally backing up changed assets, but exposes considerable metadata (rough file sizes, directory structures, modification dates).

    The most widely used package for this is probably #gocryptfs. Its "HowTo" is literally a one-pager: nuetzlich.net/gocryptfs/quicks

    Start of this thread:
    mastodon.de/@tuxwise/113503228

    #ThreatModeling #4D

  29. (24/N) There are some best practices that will make it easier to answer threat modeling question #3, "What are you going to do about it?". These will help you protect a wide range of assets by taking care of your devices, so let's look at them first:

    1. Encrypt data at rest
    2. Bootstrap your workplace
    3. Actively maintain your devices
    4. Secure your devices
    5. Prepare for repair

    1. Encrypt data at rest

    What can you achieve with intermediate knowledge, without fully descending into the rat hole?

    ⚠️ Caveat: this is best done when setting up #Linux on a new device. Modifying an existing installation on your own IMHO isn't advisable if you're not a seasoned user. If you still decide to venture into it, make SURE you have backed up all your assets, before following "howtos on the internet". You have been warned.

    Likening your device to a medieval city:

    1) Full-Disk Encryption (FDE) is like locking the "city gate". Most popular Linux distributions offer FDE during the installation process. FDE is also your last line of defense when your device gets stolen, or your disk fails and cannot be safely wiped before disposing of it. Use FDE. (Yes, technically, "Full" is not absolutely accurate. We'll leave it at that.)

    2) Within your "city", there will likely be at least two "houses": the home of the admin account, and your personal home. Using FDE alone, the "doors" of these homes won't have any locks of their own. Possibly not a big deal with respect to the administrative account, but admins being able to access any of your non-public assets, even when you're not logged in, is probably not what you want.

    While the specific steps depend on your preferred Linux distro, a "portable" solution is to create a separate, encrypted disk partition, and have it mounted as your user home directory, when you log in. That solution is based on cryptsetup and the pam_mount module, a nice tutorial example is:

    3) Within your "house", you may wish to have a locked "chest", e.g. for your #FYEO assets. There's essentially two options: a) a single, encrypted container file that acts as a "#vault" for your asset files; or b) an encrypted overlay file system that maintains an openly visible directory hosting your encrypted assets, including directory structures, in the background; and allows you to mount a decrypted counterpart, for working on your assets.

    a) A "vault", being a single file, is easy to copy and carry around, on arbitrary storage media, e.g. USB sticks. It doesn't reveal too much about its contents, but resizing it takes a little effort. Also, you can't "incrementally backup" content changes, just copy the whole, changed vault.

    A nice tutorial for creating and using a vault using plain, standard cryptsetup is opensource.com/article/21/4/li by @seth . If you must have a GUI for creating and mounting vaults, look at #zuluCrypt mhogomchungu.github.io/zuluCry – IMHO the app is still in need of a little polish, though.

    b) An encrypted overlay file system allows for incrementally backing up changed assets, but exposes considerable metadata (rough file sizes, directory structures, modification dates).

    The most widely used package for this is probably #gocryptfs. Its "HowTo" is literally a one-pager: nuetzlich.net/gocryptfs/quicks

    Start of this thread:
    mastodon.de/@tuxwise/113503228

    #ThreatModeling #4D

  30. (24/N) There are some best practices that will make it easier to answer threat modeling question #3, "What are you going to do about it?". These will help you protect a wide range of assets by taking care of your devices, so let's look at them first:

    1. Encrypt data at rest
    2. Bootstrap your workplace
    3. Actively maintain your devices
    4. Secure your devices
    5. Prepare for repair

    1. Encrypt data at rest

    What can you achieve with intermediate knowledge, without fully descending into the rat hole?

    ⚠️ Caveat: this is best done when setting up #Linux on a new device. Modifying an existing installation on your own IMHO isn't advisable if you're not a seasoned user. If you still decide to venture into it, make SURE you have backed up all your assets, before following "howtos on the internet". You have been warned.

    Likening your device to a medieval city:

    1) Full-Disk Encryption (FDE) is like locking the "city gate". Most popular Linux distributions offer FDE during the installation process. FDE is also your last line of defense when your device gets stolen, or your disk fails and cannot be safely wiped before disposing of it. Use FDE. (Yes, technically, "Full" is not absolutely accurate. We'll leave it at that.)

    2) Within your "city", there will likely be at least two "houses": the home of the admin account, and your personal home. Using FDE alone, the "doors" of these homes won't have any locks of their own. Possibly not a big deal with respect to the administrative account, but admins being able to access any of your non-public assets, even when you're not logged in, is probably not what you want.

    While the specific steps depend on your preferred Linux distro, a "portable" solution is to create a separate, encrypted disk partition, and have it mounted as your user home directory, when you log in. That solution is based on cryptsetup and the pam_mount module, a nice tutorial example is:

    3) Within your "house", you may wish to have a locked "chest", e.g. for your #FYEO assets. There's essentially two options: a) a single, encrypted container file that acts as a "#vault" for your asset files; or b) an encrypted overlay file system that maintains an openly visible directory hosting your encrypted assets, including directory structures, in the background; and allows you to mount a decrypted counterpart, for working on your assets.

    a) A "vault", being a single file, is easy to copy and carry around, on arbitrary storage media, e.g. USB sticks. It doesn't reveal too much about its contents, but resizing it takes a little effort. Also, you can't "incrementally backup" content changes, just copy the whole, changed vault.

    A nice tutorial for creating and using a vault using plain, standard cryptsetup is opensource.com/article/21/4/li by @seth . If you must have a GUI for creating and mounting vaults, look at #zuluCrypt mhogomchungu.github.io/zuluCry – IMHO the app is still in need of a little polish, though.

    b) An encrypted overlay file system allows for incrementally backing up changed assets, but exposes considerable metadata (rough file sizes, directory structures, modification dates).

    The most widely used package for this is probably #gocryptfs. Its "HowTo" is literally a one-pager: nuetzlich.net/gocryptfs/quicks

    Start of this thread:
    mastodon.de/@tuxwise/113503228

    #ThreatModeling #4D

  31. Do someone know how to open a Vault in #kde #plasma on login using the users login password?

    #encrypt #gocryptfs

  32. Do someone know how to open a Vault in #kde #plasma on login using the users login password?

    #encrypt #gocryptfs

  33. Do someone know how to open a Vault in #kde #plasma on login using the users login password?

    #encrypt #gocryptfs

  34. Do someone know how to open a Vault in #kde #plasma on login using the users login password?

    #encrypt #gocryptfs

  35. Шифрование для облака: разные подходы

    Облачные сервисы по-разному подходят к шифрованию данных на своём хостинге. В некоторых случаях это шифрование не удовлетворяет требованиям безопасности, поэтому приходится брать задачу в свои руки и шифровать файлы самостоятельно.

    habr.com/ru/companies/ruvds/ar

    #бэкапы #шифрование #Encryption_SDK #Database_Encryption_SDK #Secrets_Manager #Clean_Rooms #C3R #CloudHSM #KMS #HSM #DEK #KEK #multikeyring #restic #rsync #gocryptfs #cppcryptfs #DroidFS #gocryptfsinspect #Cryptomator #ruvds_статьи

  36. Шифрование для облака: разные подходы

    Облачные сервисы по-разному подходят к шифрованию данных на своём хостинге. В некоторых случаях это шифрование не удовлетворяет требованиям безопасности, поэтому приходится брать задачу в свои руки и шифровать файлы самостоятельно.

    habr.com/ru/companies/ruvds/ar

    #бэкапы #шифрование #Encryption_SDK #Database_Encryption_SDK #Secrets_Manager #Clean_Rooms #C3R #CloudHSM #KMS #HSM #DEK #KEK #multikeyring #restic #rsync #gocryptfs #cppcryptfs #DroidFS #gocryptfsinspect #Cryptomator #ruvds_статьи