End to end encryption and synchronisation

Support
1

I have a few questions about enabling end to end encryption and how this works with Joplin’s synchronisation feature.

  1. First, is end to end encryption compatible with synchronisation?
  2. Second, if end to end encryption is compatible with synchronisation, would it be compatible with a platform other than Dropbox? I’m interested in using some sort of file syncing program, as my current cloud service doesn’t support WebDav.
2

E2ee and sync are 2 separates processes.

3

Short answer is yes to both questions, by enabling encryption your sync files will be encrypted no matter where they are.

4

Awesome! Do you know if enabling e2e encryption protects your data from the cloud provider you use for syncing? If setting up file sync ends up being too complicated, I might just use OneDrive. I typically don’t store anything in OneDrive unless I can keep it in a Cryptomator vault though.

5

It will, with e2ee enabled Joplin will encrypt all files before sending them to the provider (or before saving to the filesystem sync target). Not that the Joplin database (in the .config folder) will not be encrypted and you must use a veracrypt container or something similar to encrypt it.

6

It will, with e2ee enabled Joplin will encrypt all files before sending them to the provider

Note that the Joplin database (in the .config folder) will not be encrypted and you must use a veracrypt container or something similar to encrypt it.

Let me see if I’m getting it right, just to be 100% sure - the Joplin data stored in the cloud/cloud folder will be encrypted and thus invisible to the cloud provider if e2e encryption is enabled, even while that data sits in the cloud at rest. When the data is sitting on your local machine at rest though, then it won’t be encrypted unless you use a third party tool to encrypt it. Right?

or before saving to the filesystem sync target

Do you mean to say I can manually point Joplin to any sync target on my computer? I didn’t know this was an option. If so, do you think it might be possible to make a non-WebDAV cloud provider compatible with Joplin if you point Joplin to a WebDAV compatible location inside the cloud folder? In my case, that would be an unmounted Cryptomator vault. Although my preferred cloud provider isn’t WebDAV compatible, on Cryptomator’s website it says:

Currently WebDAV is our frontend of choice, as it is supported on every major operating system. WebDAV is an HTTP-based protocol and Cryptomator acts as a WebDAV server accepting so-called loopback connections on your local machine only

Thanks for your help!

7

That's correct

Again this is accurate

Joplin can sync to an arbitrary location on your computer. Which means it can be used with any sync provider that functions on a local folder

1 Like