You are not logged in.
Hi all,
I'm looking for a method, to encrypt files on a server with the possibility to add and remove keys to give multiple user access to the files. It should be possible to change the privileges later on.
I want to have the files encrypted on the server. The users can download the file from the server and decrypt it locally on the user pc. Do you know about a nice, working solution? A C/C++ API for the encryption tool would be also nice.
Thank you in advance,
JayDoe
Offline
In which kind of environment do you want to use this (e.g. family, company, etc.)?
Would using gpg with a symmetrical encryption and the key known to each user be feasible for your scenario?
I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do. (Gune | Titan A.E.)
Offline
Thanks for you reply. I want this to use in my company to securely store files. I know, I can control the access to the files in many different ways, but if there's a possibility to (additionally) supervise the access by encryption, I would prefer that. Unfortunately, having the same key for every user is not feasible.
I also searched for it for a while and couldn't find something suitable, but as LUKS supports something like this (multiple keys for a single device with possibility to revoke/add keys), I'm still hoping to find something similar for file based encryption.
Offline
Actually gpg supports encrypting files for multiple recipients by simply specifying multiple of them.
For example:
gpg -e --recipient foo@bar.com --recipient bar@foo.com --output test.doc.gpg test.docYou need one gpg key for each of your users and it should work.
I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do. (Gune | Titan A.E.)
Offline
Yes I know, but the recipients are fixed, I can't add/revoke them after the file was encrypted. That's so pity, because otherwise gpg would be the perfect solution.
But I found a workaround, which will maybe work for me: https://unix.stackexchange.com/question … t-a-normal
Offline
Couldn't you just re-encrypt the file with the new recipients? It would be quite some encryption overhead...how big are those files?
I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do. (Gune | Titan A.E.)
Offline
It differs very much, but mostly below 10 MB. But many files... Maybe I will just make an own encryption for every folder.
Offline