Encrypted, secure, private and n00b-proof web share

Hi!

This is a topic that's been on my mind for some time now. I haven't found an alternative that fits all four of those properties so far.

Prerequisites:

  • Private network, used by several known, but not-to-be-trusted people
  • A computer that's online 24/7
  • Files are to be accessed mainly locally, but also to be available online. Speed is not an issue as long as it works.
  • Remote access may be made from public places.
  • My mom should be able to dial in sans a teamviewer session

First approach: OpenVPN + SMB
☑ - Encrypted
: Transfer via VPN, storage can be encrypted server-side
☑ - Secure
: Two factor authentication (by not allowing one to use the same credentials for VPN and SMB)
☑ - Private
☐ - n00b-proof
: 3rd party software installation and configuration required, credentials can and will be stored unsafely

Second approach: WebDAV
? - Encrypted
: Transfer and storage can be encrypted server-side
? - Secure
: The internet says it's exploitable, even if no executables are handled on it
☑ - Private
☑ - n00b-proof
: Easy as installing a network drive

Third approach: Cloud (SpiderOak / gDrive + boxcryptor)
☑ - Encrypted
☑ - Secure
☐ - Private
: No offline access
☐ - n00b-proof
: SpiderOak is not free and gDrive/box/dropbox etc. + boxcryptor require at least minimal knowledge of what you're doing and a 3rd party tool

Personally I love the idea of WebDAV. But afaik it's not securable without involving steps that are just as elaborate as VPN+SMB.
Please do correct me.

Did anyone properly complete this quest yet?

I think that the VPN option will be the most secure, especially if you use certificates as you can revoke them on the server and prevent someone gaining access if a certificate is compromised.

I don't really know anything which covers all your requirements but maybe some kind of private peer to peer network might work.


I haven't used it myself, but owncloud.org seems to mesh up fairly well with what you want.

I'm using a free account on MEGA and I'm quite happy about it. It's encrypted, secure... and free. You get 50GB of data storage, access via PC or mobile phone app... check it out :)

Clouds are out of the question as per Third approach.

The VPN solution seems to be the most viable one, but the issue still persists:

Tell your mom to put the files she wants to upload onto the cifs share 'bam' with her name and as pwd yours, lowercase, mixed with your birthday, on 10.11.12.13 via the openvpn config files attached, same user name like her google account and her license-plate-number lowerkey mixed with first letters of her birthday cards text with nomes in uppercase.
At least mine won't pull this off without me doing everything.

Even people who know all this stuff but don't work with it on a regular basis will be annoyed a lot.

Maybe making a public form for openvpn-account-creation (to be confirmed by an admin) and a local-only form for cifs account creation (also to be confirmed) and then a link for auto-creation of a batch file (sans credentials of course) might be an idea.
That's overkill, though^^

BitTorrent Sync essentially forms an encrypted file share across computers (bypassing the cloud) locally, or through the web.
