Can I have my files encrypted when they're located on a friend's server via Federation, but NOT when they're on my own server (and vice versa)?

Hi,

I hope I’m understanding the purpose of federated cloud sharing correctly. I’d like to share extra storage space between myself and my friend, such that each of us always have an off-site backup of our files. I would like to set it up such that the files are encrypted when on his machine, so that only I can access my files, but the files are not encrypted when on my machine, so that syncing goes faster. Is that possible?

I asked ChatGPT this question and it answered saying yes, but I’m not sure whether its answer was correct. Here’s what it wrote:

Yes, it is possible to encrypt files when they are on the server of the other user with whom you are sharing the files while not encrypting them on your own server. This can be achieved through the use of end-to-end encryption (E2EE) in ownCloud.

With E2EE, the files are encrypted on your own server before they are shared with another user. The encryption key is only known to you and the other user, and it is not stored on any server. This means that even if the files are stored on the server of the other user, they cannot be accessed without the encryption key.

However, it is important to note that using E2EE can limit some of the functionality of ownCloud, as some features such as file previews and search may not be available with encrypted files. Additionally, once files are encrypted, they cannot be shared with other users who do not have access to the encryption key.

Therefore, it is important to carefully consider the trade-offs between security and functionality when deciding whether to use E2EE in ownCloud.

That’s a wrong use case. ownCloud isn’t designed as a backup storage. Backups are used to recover from a broken state. I’m pointing to Backing up ownCloud :: ownCloud Documentation for more info

The basic use case for federation is to share files among different ownClouds. I could have an account in my personal (public) ownCloud, and I could share a file with your account in your personal (public) ownCloud. You don’t need an account in my ownCloud instance, nor I need an account in your ownCloud instance.

For your case, you can have your ownCloud fully controlled by yourself, and your friend could have his own ownCloud. You can share content between each-other.

In addition, note that the files will stay in their original server. If I share a file with you, the file will remain on my server. Of course, you can copy the file to your server and have a copy of it, but it’s a copy: your copy won’t update if I update my file.
Basically, when you access to the share, you’re requesting access to the file. Whether the file is encrypted or not, depends on the state of the server where the file resides.

3 Likes

I see; Thank you for clarifying my misunderstanding, jvillafanez. I will follow those suggested actions for off-site backups. Unfortunately I see that there aren’t any tips for those who have installed ownCloud Server via Docker; Is there anything special I can do for when it’s run on Docker, or shall I just copy the files around the same as if it were installed via a tarball or package?

As far as I know, ownCloud’s data should be within a docker volume, so you should backup that volume somehow. The same for the DB.

I don’t know if docker provides anything to perform backups of volumes. Volumes is what I’ve found, although I don’t know if it’s useful.

3 Likes

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.