OperationTulip.com want to help our users keep their data safe and secure. Enabling end-to-end encryption makes it possible for those interested to keep their data on our servers securely.
If you take advantage of end-to-end encryption, the files will be impossible to open even if someone gets access to your files on the server.
In this post, I’ll show you how to use end-to-end encryption on OperationTulip.com
What is end-to-end encryption?
End-to-end encryption means the user encrypts the files he or she wants to store safely before sending them off to the cloud storage. That means that even if someone gets access to the files, they cannot open or view the file without the encryption key.
Without end-to-end encryption access to the account equals access to the files.
OperationTulip.com provide secure upload and download via https, but do not encrypt files on the server. For most people that’s secure enough, but if you want to be sure that no one can view or open your files end-to-end encryption is the only safe way to achieve that.
How to enable end-to-end encryption
There is a module for enabling end-to-end encryption on NextCloud instances. Unfortunately, that module is not stable enough to recommend using (it’s possible to use the built-in module but we advise strongly against it – the curious can read about it here).
At this moment, we recommend that you use a third party software instead. There are many solutions on the Internet, but we recommend duplicati as its open source, cross platform, and free.
How duplicati works
Duplicati is available for windows, Mac and most Linux distributions. That means it’s possible to encrypt and sync files on a Windows computer and decrypt them on Mac or Linux (something that can be a deal breaker for some people).
The installation of duplicati is simple and well documented so I’ll jump that part in this post.
If you are using Linux or Mac, you must install the mono framework to get duplicati to work. On ubuntu, they include mono in the installer, but on Mac I had to go to the mono website, download it, and install it before I could run duplicati. You can find mono here.
The setup is less intuitive, and it took me some time, trials and googleing (is this an actual word?) before I made my first successful sync.
Duplicati is set up via the browser, so don’t expect any kind of regular software starting after installing it. The good thing about that solution is that I’ll only have to make one tutorial as the setup is the same on all operating systems.
Setting up a synchronization job
Now it’s time to set up duplicati. I’ll insert a short video here but will describe the steps to set up the sync in the text below the video.
Settings for making duplicati working with operationtulip.com
- Start by selecting ‘Add backup’ and choose Configure a new backup and click next.
- Then you’ll give the backup job a name – I chose duplicati-sync in the video. Check that the Encryption is set to AES-256 (a strong encryption) and choose a pass phrase (without this pass phrase you can never access the files again so be sure to remember the pass phrase).
- Then you must choose ‘webdav’ as Storage Type and give duplicati your credentials for your account.
- Server should be ‘cloud.operationtulip.com’
- Path on server should be ‘remote.php/webdav/GiveTheFolderOnTheServerAName’
- Username and password are the same as you use to login at operationtulip.com via your browser.
- If the name of your folder is not already there on your cloud storage, a pop-up will show up and ask if you want to create the folder – press yes to continue.
- Next up you choose what folder or folders that will be encrypted and backed up. In the video, I select my desktop (but you can choose any file or directory you want to).
- After that you choose how often duplicati will run a backup of the file or directory you chose in the section previous to this one. In the video, I choose one backup every day.
- Next, you need to set the ‘Remote volume size’ to 50 GByte instead of the default 50 MByte. And in the video I’ll chose to keep my backups for 7 days (that means that every day, the backup from the same day previous week is deleted and replaced with a new backup. Every Monday the back up from previous Monday is overwritten).
The files in the selected folder on my hard drive are now encrypted before I store them at OperationTulip.com If your encrypted files get a suffix of dlist.zip.aes that means that the encryption was successful.
Conclusion
Although duplicati is meant to be a backup software it is also a good way to encrypt your files before sending them to your cloud storage where they’ll be kept encrypted. This is especially important for files that you don’t want anyone else to be able to access.
Please feel free to share your experiences with duplicati on operationtulip in the comments field below.