Encryption for the Linux CLI Agent


#1

Hello,
i use your Windows Client for about 1 month now. It works very well for daily used files. All files are encrypted on Amazon Cloud Drive. I would like to use the odrive CLI Agent now on linux for bigger backup files and sync them automatically. But i can´t see any encryption funcionality like in the windows desktop agent. Is there a plan to integrate this functionality and if so when?

best regards
Reini


#2

Hi @Reini,
Encryption is not currently supported in Agent, but it is planned. We do not have a date for release yet.


#3

Is there any estimate you can give us? This is a feature that I would really like.


#4

Any further ideas on when this might be available?


#5

Hi @cdl,
It is tied into the large-scope development we are doing, so no estimates at this time.


#6

+1. Really need this feature


#7

+1 I would love to see this feature!


#8

Any updates on this?


#9

Hi @shaiguitar,
Can you test this beta build of agent and the CLI client? https://www.odrive.com/s/6ecf490a-6ae4-45bd-aa81-55d0df7c1725-5b2ae330

There is a new command encpassphrase that will allow you to specify a passphrase for an Encryptor folder.

usage: odrive encpassphrase [-h] [--initialize] passphrase id

positional arguments:
  passphrase    Encryptor folder passphrase
  id            Encryptor ID

optional arguments:
  -h, --help    show this help message and exit
  --initialize  Initialize a new Encryptor folder passphrase. Do not use if
                passphrase has already been set

To use this command you need to specify the passphrase and the Encryptor folder ID. The Encryptor folder ID can be obtained by trying to sync an Encryptor folder before a passphrase has been specified.

You will see a message like this when trying to sync an Encryptor folder that has never been setup:

No passphrase set for 11111111-1111-1111-1111-111111111111-11111111
Set a passphrase with encpassphrase --initialize.
For example: encpassphrase --initialize [your passphrase here] 11111111-1111-1111-1111-111111111111-11111111

You will see a message like this when trying to sync an Encryptor folder that has been setup previously, but never accessed on this system:

No passphrase stored for 11111111-1111-1111-1111-111111111111-11111111
Specify your passphrase with encpassphrase.
For example: encpassphrase  [your passphrase here] 11111111-1111-1111-1111-111111111111-11111111

The Linux agent will store the passphrase in a file in ~/.odrive-agent/db/odrive-encryption-[UUID]. This file is protected by file system permissions, but I am pointing it out because it is stored in plaintext. Once the passphrase has been entered, the odrive agent will hold it in memory, so it is possible to delete the file and still sync your encrypted content until the agent is restarted, if you wish. If you do that you will need to specify the passphrase again, once the agent is restarted.


Does Encryptor work with Linux (odrive Agent)?
#10

Good to know there’s some progress here! Do you have an ARM (raspberry pi) build?

~/tmp-test-odrive $ ./odrive --help
-bash: ./odrive: cannot execute binary file: Exec format error

~/tmp-test-odrive $ ./odriveagent  --help
-bash: ./odriveagent: cannot execute binary file: Exec format error

~/tmp-test-odrive $ cat /proc/cpuinfo|grep ARM
model name	: ARMv7 Processor rev 4 (v7l)

#11

Hi @shaiguitar,
I added the rest of the platform builds to that share link above.


#12

Hi @shaiguitar and others,
Does anyone have any feedback on the addition of encryption to the agent? I would like to push it out, officially, if its working well for folks.


#14

4 posts were split to a new topic: Uclibc support for Agent ARM build