UK journal “Linux Format” has a two-part article in issues #236 and #237 about using Syncthing and EncFS to implement encrypted file aggregation and off-site storage.
just a hint, encfs is not considered secure anymore, since 2014, see https://defuse.ca/audits/encfs.htm
Lars,
Thanks for the hint. Yes, I’ve seen that report and others.
Through the years, I’ve realized “security” is not a binary “yes” or “no”. Everything has weaknesses and strengths. Given any software package, I work to mitigate weaknesses and enjoy the strengths. There are other alternatives to EncFS if the security implementation makes sense in your architecture.
Yup. Lots of choices for the encryption engine. The overall architecture and dependencies between syncthing and encryption was the challenging part - handling startup sequencing properly and handling cases where one drops off-line for various reasons.
It seems that the newer releases got more attention with respect to security [Releases · vgough/encfs · GitHub]