I’m in the process of changing my note taking from Standard Notes to Obsidian, and I am trying to figure out how I can sync notes between my laptop and Android device with the notes encrypted. I thought I had the solution by encrypting with Cryptomator and syncing the encrypted vault with Syncthing. But I realized that Cryptomator on Android does not work by mounting a new drive like it does on Linux, so Obisidian could not access the unencrypted files. So now I am not sure where to go from here.

My requirements:

  • Notes are synced both ways between laptop and phone
  • Notes are encrypted at rest
  • No usage of external cloud services

How do you go about syncing?

  • Yote.zip@pawb.social
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    My only guess is that you could maybe use Termux to set up a gocryptfs mount that Obsidian could use, but I’m not sure if that would work or not. gocryptfs encrypts files physically on the drive, but exposes them unencrypted under a transparent logical mount.

    Edit: DroidFS uses gocryptfs in the backend, maybe that would be easier.

    • cyberwolfie@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Interesting. Would require the use of some of the unsafe features, but at first glance it does look like this could work.

  • NotAnArdvark
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Does the disk encryption of Android count as encrypted at rest? If not, I think this will be a hard requirement to meet.

    That aside, I’m having good luck with Synching. I think there’s a bit of a learning curve setting it up, but you don’t really have to touch it once you’re done.

    • cyberwolfie@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      No, as I’d want it to be protected in the case someone gets a hold of the device in an unlocked state.

      I found Syncthing very nice to work with, and successfully synced between my two device, so I would love to keep using it. But as it is now, I would have to sync the unencrypted files on both my devices. Not sure how it will behave if I try to sync the mounted drive on my computer, if the vault is locked.

    • cyberwolfie@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      The transfer I would assume is encrypted, but it is the files at rest I am interested in making sure is encrypted.

  • October2055@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    7 months ago

    I have been thinking through this exact problem in the past few weeks. Let’s write back with what we come up with! I’m going to explore the DroidFS suggestion.