service side encryption for local backend #471

fnpanic · 2022-02-28T22:19:46Z

Hi,

it would be great to have server side encryption for localbackend by passing a password as a header and then encrypting it with AES. On download the password should be passed to the server.

The server itself das not store the passwords and so has encryption at rest.

aspacca · 2022-03-01T12:30:26Z

hi @fnpanic

there is still open a PR I worked on long time ago: #162

there are some concerns having the encryption on server side since you have to trust the server obviously.

fnpanic · 2022-03-01T14:15:25Z

@aspacca Thanks for your feedback! That is exactly what i was thinking about. The downsides are clear but it is really a good solution for encryption at rest.

Any chance to get this merged?

aspacca · 2022-03-02T13:58:43Z

@fnpanic revamped it

but I can see this: golang/go#44226

@stefanbenten what do you think?

aspacca · 2022-03-02T13:59:56Z

I forgot: you can achieve the same goal with https://github.com/dutchcoders/transfer.sh#encrypt--upload

fnpanic · 2022-03-02T21:06:07Z

Yes it does but if you download it form a windows box it is not very easy to decrypt it on the fly. That is why i think your patch is a great fit here.

aspacca closed this as completed Mar 10, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

service side encryption for local backend #471

service side encryption for local backend #471

fnpanic commented Feb 28, 2022

aspacca commented Mar 1, 2022

fnpanic commented Mar 1, 2022

aspacca commented Mar 2, 2022

aspacca commented Mar 2, 2022

fnpanic commented Mar 2, 2022

service side encryption for local backend #471

service side encryption for local backend #471

Comments

fnpanic commented Feb 28, 2022

aspacca commented Mar 1, 2022

fnpanic commented Mar 1, 2022

aspacca commented Mar 2, 2022

aspacca commented Mar 2, 2022

fnpanic commented Mar 2, 2022