I would like to ask you about your recommended way to synchronise sensitive files across different devices. For example, I work with the Cherrytree database file on a Windows PC and I would like to work with the same file on the Qubes machine. I could sync this file to the dropbox and create an appvm on Qubes that only contains the dropbox and the Cherrytree app.
It works, but I think there should be a more elegant way to sync files between devices. Can you recommend different ways?
Dear @necker thank you very much for your recommendation.
I studied Syncthing and unfortunately it won’t be suitable because I don’t have the possibility to set the port forward on the router and/or UPnP. I tried OnionShare, but it won’t allow regular synchronisation, only one-time.
Well, that certainly seems better than Dropbox alone. I don’t like Dropbox because they don’t respect user privacy. I don’t want to give them my money. Boxcryptor also has a fee. I recall that Veracrypt works well with Dropbox and it’s free.
As far as a quasi-mainstream paid service, I might opt for something like Tresorit. Ideally, I would set up something on a VPS, but I don’t trust my technically ability to do it securely.
Yes. Supposedly the volunteer-run relay servers, when used (i.e. when firewall/NAT settings prevent devices from contacting each other), see only encrypted content.
But I haven’t reviewed the source code.
If I were to adopt it, I’d probably use encrypted containers/archives for sensitive financial/personal data.
rsync is a good suggestion … syncthing has always looked good in principal but ive never used it
using a cloud provider like dropbox to ‘bounce’ a ‘sensitive’ file from one machine to another is the very antithesis of transferring sensitive files.
If the systems are both on the same network then there are much better solutions than using a cloud service. If they are not on the same network, then at least GPG them before transfer via a 3rd party.
The problem is that I need to sync files from my PC at work to my home PC so that I can continue working on weekends. I don’t have the ability to open ports or enable UPnP on the company router. I need to have the most up-to-date version of the files on both devices (home and work) at all times. I’m looking for a solution to automate the whole process so that I don’t have to think about synchronization and don’t have to, for example, encrypt the files with GPG every time. On a local network rsync would be ideal, unfortunately I need to sync over the internet.
OK you cant control the work router. but if you have a machine at home which can act as fileserver (hell, even a Pi with a USB SSD will do) then forward the port on the home router. Set up a recurring rsync job on the work machine to ‘push’ the data over SSH+key to the home machine. If your home IP changes, use something like dyndns.
What you also need to be careful of with syncing any work files to home is any contractual stipulations and corporate data protection & infosec requirements. For example, if your employer has to abide by Sarbanes Oxley then your employer can be taken to the cleaners if you are syncing work data to home machines outside of your employers control
thank you, but I’m afraid I wouldn’t be able to set everything up safely enough to avoid making a mistake
Of course, I am allowed to sync files from my work PC and everything is in compliance with company regulations. The company is not subject to Sarbanes Oxley.
Corporate IT allowed me to use SSH, so I solved the problem with a cronjob with rsync. I would have a dummy question: thanks to rsync in cronjob I effectively sync from machine1 → machine2. Could someone please advise me how to set up cronjob on both devices so that the files I want to sync are always up to date on both devices? I.e. I make a change to the files on machine2 and cronjob syncs the latest version to machine1 and vice versa.
This comment pertains to the title of this thread in general but is not part of his intended question:
I’ve been pondering this too. What if the remote is grapheneOS (I.E. a phone)? I suspect you can’t run rsync on grapheneOS as grapheneOS doesn’t have (and tells you not to try) root.
rsync supports both push/pull (i.e. initiating the transfer from any of the devices), so if you have SSH access from your corp network you can initiate the home-to-work sync as well.
Or are you actually asking how to set up periodic jobs on your qube?
You can use find to get the most recent files and then feed the list of files to rsync.
But if you manually run rsync you will still end up with the complexities of bidirectional sync. Have you looked into osync?