cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Delete, edit, and organize

Solve issues with deleting, editing, and organizing files and folders in your Dropbox account with support from the Dropbox Community.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Encrypting local copies of shared files and synchronizing

Labels:

Encrypting local copies of shared files and synchronizing

ap8
Explorer | Level 4
‎07-18-2018 03:30 AM
Go to solution

Hi,

I understand that encryption of the local copy of Dropbox files is my responsibility.

 

For various reasons, I do not want to encrypt the entire PC with Bitlocker and a boot password. I am using VeraCrypt and encrypting only those chunks of data that are "sensitive".

 

I am using Dropbox to work with various clients. If I encrypt my local copies of the files and then synchronize them, my clients have to unencrypt (with VeraCrypt) and each client needs their own password! (A nightmare to manage... even if they would be willing.)

 

VeraCrypt works by having an encrypted volume (a file) that is mapped to an unencrypted folder with a drive letter (L:\, for example). The unencrypted folder 'vanishes' when the file is unmounted, and this happens automatically when I switch off the computer or log out.

 

I create unencrypted file-level backups by backing up the unencrypted mounted folder to a (separately) encrypted location. Can I do the same with Dropbox?

 

To clarify:

If I create a file with VeraCrypt and map it to a folder (D:\) and then set DropBox to synchronize with D:\ (assuming I can do this), how will the mounting and unmounting of this volume be reflected?  Will unmounting of D:\ (containing the local copies of DropBox files) be seen as having deleted them, so synchronization will delete them from the cloud side? Or will it just be seen as the drive not being available (as if it were a portable drive)? And conversely, if Dropbox starts first, will the absence of the mounted folder be an issue?

 

I can do some testing myself - but first will have to ask clients to unshare their files with me so things don't start synchronizing unexpectedly. I'm trying to avoid asking them to do that (and then reshare them afterwards) if people already know that this does not work.

 

Thanks in advance,

 

Alison

Labels:
  • 1 Likes
  • 6 Replies
  • 4,170 Views
1 Accepted Solution

Accepted Solutions

Jay
Dropbox Staff
‎07-18-2018 03:42 AM
Go to solution
Thanks for the detailed requirements, Alison. Sounds like how TrueCrypt works when I use it occasionally by mounting a folder of the encrypted file.
 
Long story short, it wouldn’t work the way you want it to, since it will see it as a hard drive that no longer exists, and thus the folder will be ‘missing’. 
 
You’ll get an error message almost instantly, and in the worst case scenario, it’ll start to delete files from your account, thinking that the files were all deleted at once.
 
It’s similar to how having your Dropbox folder syncing on an external drive works, and my post here about the potential effects of that would apply here.
 
Hope this helps to clarify matters!

Jay
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

View solution in original post

6 Replies 6

Jay
Dropbox Staff
‎07-18-2018 03:42 AM
Go to solution
Thanks for the detailed requirements, Alison. Sounds like how TrueCrypt works when I use it occasionally by mounting a folder of the encrypted file.
 
Long story short, it wouldn’t work the way you want it to, since it will see it as a hard drive that no longer exists, and thus the folder will be ‘missing’. 
 
You’ll get an error message almost instantly, and in the worst case scenario, it’ll start to delete files from your account, thinking that the files were all deleted at once.
 
It’s similar to how having your Dropbox folder syncing on an external drive works, and my post here about the potential effects of that would apply here.
 
Hope this helps to clarify matters!

Jay
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

ap8
Explorer | Level 4
‎07-18-2018 04:00 AM
Go to solution

Thanks very much for the prompt reply, Jay.

 

Pretty much as I feared, and I'm trying to remove the human being (me) from the equation as much as possible. I could prevent the Dropbox app from starting until everything is ready, but therein lies madness. Mine!

 

If it was just me needing to access the files, I'd encrypt before synchronising...

 

The only other things I can think of are:

  • To create an encrypted partition that unencrypts on boot... but that is *almost* back to the Bitlocker scenario. (Others occasionally use my PC, I'd have to give them the boot password, and then we have humans in the loop again. 🙂
  • To stop their files from synchronizing so I have to access them online. Safer but MUCH less convenient!

I'll pass the problem on to the clients and see what their suggestions are - only two or three (so far) are affected. Either they will have thought of something already and not told me, or will not have given it a moment's thought...

  

Alison

0 Likes

Jay
Dropbox Staff
‎07-18-2018 05:06 AM
Go to solution
I hope you find a solution that’ll give you the least amount of admin to do on your end!

Jay
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

ap8
Explorer | Level 4
‎07-19-2018 06:44 AM
Go to solution

Just a sanity check... it sounds like the only really safe option is to encrypt the whole system and unencrypt on boot, so nothing can start synchronising until after the unencryption has completed.

0 Likes

Boca
Helpful | Level 6
‎12-15-2018 02:31 PM
Go to solution

If I understand your need... it sounds like I am doing the same thing without any issues.

 

I have a Veracrypt vault which looks like a single file ( eg A) to Dropbox but, when unencrypted, it mounts a new drive letter which can contain files B,C,D etc.

When I make changes to B,C, D then close the vault, this causes a change to A which prompts Dropbox to sync it.

I can access fille A ( and un-encrypt/encrypt) it from several locations.. using the same password.

 

Hope this helps.

0 Likes

Dave_Rasch
New member | Level 2
‎03-03-2020 10:58 AM
Go to solution

In TruCrypt and VeraCrypt you can set up the container without a password but with one or more key files. 

I have my user able to run the veracrypt command via sudo without a password, then I have my key file(s) on a USB drive, and then use this command line in linux to mount automatically.  

sudo veracrypt -t -k "<where the usb drive mounts>/<keyfile>" -p "" --non-interactive --pim=0 --fs-options=owner --protect-hidden=no /<dir>/<encrypted container> /<mnt point>/Dropbox

Put the USB drive in and run the mount script that I have; mounts it and starts dropbox

To remove I run a umount script; stops dropbox and unmounts the container

So far I have had no luck geting it all working the way I like with udev ... but that will come along.

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Dave_Rasch New member | Level 2
  • User avatar
    Boca Helpful | Level 6
  • User avatar
    ap8 Explorer | Level 4
  • User avatar
    Jay Dropbox Staff
What do Dropbox user levels mean?