-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Welcome to the CryptOne wiki! Safe storage of personal data is story about encryption and replication. Problem of replication can by solved by uploading data to few different clouds, but how about security? Do you trust any closed encryption?
CryptOne is simple open source tool which can encrypt data and upload to cloud. Cryptographic key stored on external USB storage and protected by PIN.
Industry standard libsodium used for crypto operations
Secret key generated securely using libcrypto, then XORed with hash of salted PIN code.
$ CryptOne generate-key
Generates new secret key, ask PIN, store key to external storage (USB stick) to file key0001.ekey Location of external storage loaded from CrypOne.ini file or if not specified there then first automatically detected removable drive used. Note: For security it is very advisable to have a key copy on few USB sticks. Note: There is no checking for correctly entered PIN during decoding. If PIN will wrong key will not be decrypted correctly.
$ CryptOne encrypt < folder > [ < output-file-name > ]
Compress and encrypt folder 'folder'. First folder TARed and compressed, then key loaded from external storage, PIN entered and file encrypted. If output file name not specified then default filename is used: crypt-one-data.tar.gz.enc This operation only encrypt, not upload to cloud.
$ CryptOne decrypt [ < filename > ]
Decrypts file downloaded from cloud. If no filename specified then default filename is used: crypt-one-data.tar.gz.enc USB stick required, PIN entered. Decrypted file then uncompressed to original folder name.
$ CryptOne up [ < filename > ]
Uploads encrypted file to clould. Cloud-id is number 0..N which correspond to pre-configured clouds in file CryptOne.ini If no filename specified then default filename is used: crypt-one-data.tar.gz.enc No USB stick required for operation.
$ CryptOne down < cloud-id > [ < filename > ]
Download encrypted file from clould. Cloud-id is number 0..N which correspond to pre-configured clouds in file CryptOne.ini If no filename specified then default filename is used: crypt-one-data.tar.gz.enc No USB stick required for operation.
$ CryptOne push < older-name > < cloud-id >
Combines operations 'encrypt' and 'up'. Compress, encrypt and upload folder to cloud. All operations in single command USB stick required
$ CryptOne pull < cloud-id > [ < filename > ]
Combines operations 'down' and 'decrypt'. Download file from folder, decomress and decrypt. All operations in single command If no filename specified then default filename is used: crypt-one-data.tar.gz.enc USB stick required