Providing a shared folder across the home network is a very useful way to store documents. The documents are available to all the computers in the network, and it is far easier to back them up using one of the many online services. Some of these services provide encryption of your data. However, Ubuntu One does not yet encrypt your data. Even though I do not have any big secrets in my documents, I do not want it to be easy to read them for other people. Therefore, I wanted to encrypt them before uploading them to Ubuntu One.
This post shows how to use a machine with Ubuntu as a central server, how to encrypt your data, and how to back them up using Ubuntu One. The guide assumes that you have a disk (array) containing the data that is mounted outside your home folder in Ubuntu.
Encryption
There are several ways to encrypt your data. Ì chose to use a virtual, encrypted file system that encrypts my data on the fly. There are several ways to do this, but I chose encfs. It was recommended around the net, and it seems to be working great. Setting it ups is relatively easy. Just follow this great guide by HyRax1 (thanks man). Just take note on how to share the folder with samba (assuming that you already have set up file sharing/samba on your machine. Just google it if in doubt.)
The guid will ask you create two folders. One for the encrypted data, and one for decrypted data. The folder for decrypted data gives you a view that allows you to read and modify your data.
Please make sure to remember your password!
Linking the folder into your home folder
Since Ubuntu One only supports synchronization of folders within your home folder, you have to bind the folder (the encrypted one) into your home folder. Create a folder named “private_documents” in your home folder, and in a command prompt type:
sudo getdit /etc/fstab
Then add a line similar to the one below into your fstab:
/path/to/encrypted_data /home/[user name]/private_documents none bind 0 0
Synchronize data with Ubuntu One
Right click your private_documents, select “Synchronize on Ubuntu One”. See this guide for more info. Now you are all done.
The data may now be downloaded and decrypted on another computer simply by installing encfs and mapping the folder:
encfs /path/to/encrypted_data /path/to/decrypted