forum/2 clients using an encrypted server for syncing - possible?git-annexhttp://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/git-annexikiwiki2014-05-19T16:48:09ZChange the encrypted server repository group to "full backup"http://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_1_924521ad5972046bac44d2e04ec296c7/Charl2014-03-23T21:00:01Z2014-03-23T21:00:01Z
<p>Have you tried changing the repository group of the encrypted server to "full backup" instead of "transfer"?</p>
<p>I've just started experimenting with git-annex, and this setup (two possibly remote laptops, one encrypted server) seems to be working after very limited testing. I'm currently importing a larger collection of about 40000 files, will see if it still does (it seems whilst one client is transferring to the remote server, the other client laptop is not beeing synced; it did sync after my first batch of copying however.)</p>
No successhttp://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_2_e2a7f34a3ccc1b6467e6da611c067d66/Stein Roald2014-03-26T19:43:24Z2014-03-26T19:43:24Z
Thank you, Charl, for your suggestion. I've tried it, without success. (It doesn't seem like that change changed anything on the encrypted ssh-server.)
comment 3http://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_3_f9a369a6ac69f091e6128990274d3228/joeyh.name2014-03-26T21:10:39Z2014-03-26T21:10:39Z
<p>What kind of encrypted remote are you using? An encrypted rsync special remote does not include the git repository, but only the content of the files, so cannot be used in this way.</p>
<p>If you set up a <a href="http://git-annex.branchable.com/special_remotes/gcrypt/">gcrypt special remote</a>, it will be encrypted and includes the full git repository, as well as the content of the files, so can be used like this.</p>
Need some clarificationhttp://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_4_91b422f8d55b68077245c606c4f7f87c/Stein Roald2014-03-28T22:49:14Z2014-03-28T22:49:14Z
<p>OK, thank you Joey for your help, and I think you have made some really excellent software. I've spent a couple of days to configure gpg and understand how to use it (glad I did, it has been on my todo-list for a long time...)</p>
<p>First to your question: When I started, I just used the git-annex assistant to "set up a repository on a remote server using ssh" as a "transfer repository". Now I'll use git-remote-gcrypt instead.</p>
<p>Now I have 2 questions:</p>
<hr />
<p>1) On this webpage: <a href="https://github.com/joeyh/git-remote-gcrypt">https://github.com/joeyh/git-remote-gcrypt</a> these are the instructions for setting up a remote for two participants:</p>
<pre><code>git remote add cryptremote gcrypt::rsync://example.com:repo
git config remote.cryptremote.gcrypt-participants "KEY1 KEY2"
git push cryptremote master
</code></pre>
<p><strong>Question 1:</strong> As I own both computers myself, will syncing between the 2 computers work if I only use 1 KEY (the same KEY on both computers)?</p>
<hr />
<p>2) I am still struggling to understand git-annex assistant and the use of special remotes. Important reasons for using git-annex are backups and moving data to the cloud to free up disk space locally. If I've understood it correctly, git-annex assistant always encrypts data sent to special remotes. And it seems to me that this page <a href="http://git-annex.branchable.com/special_remotes/">http://git-annex.branchable.com/special_remotes/</a> suggest that git-annex assistant makes it easy to transfer files between different computers that do not communicate directly. I must clearly have misunderstood something, as Joey's comment above seem to state that I can't use the assistant for setting up syncing between computers.</p>
<p><strong>Question 2:</strong> If I loose my computer, or it becomes corrupted, how can I get my files back if I don't set up special remotes as a gcrypt special remote? (And if I can't, what is the purpose of the special remotes made by the assistant?)</p>
Confusedhttp://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_5_f6128fe75ff3453747f69f12e0fd0a5b/Adam2014-03-31T03:18:41Z2014-03-31T03:18:41Z
<blockquote><p>What kind of encrypted remote are you using? An encrypted rsync special remote does not include the git repository, but only the content of the files, so cannot be used in this way.</p></blockquote>
<p>Forgive me, Joey, I've been following your work on the assistant for almost as long as you've been working on it, and I use git a little bit, but I have yet to wrap my head around the complexities of git and how git-annex and the assistant...morph them. I've read all the design docs you've written, but I still don't understand this. From reading the OP it sounds like this is exactly what the encrypted rsync special remote is for: using a transfer repo to sync two devices that don't connect directly to each other. Why would he need to use a gcrypt repo instead?</p>
<p>Thanks for your patience. I know you get asked these basic questions over and over again.</p>
comment 6http://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_6_9b90b4031a5ed26c375903b33ed65a10/joeyh.name2014-04-02T20:11:35Z2014-04-02T20:11:35Z
<p>@Adam, an encrypted special remote does not contain the git repository (the gcrypt special remote is an exception to this rule). So you need to use another method to sync the git repository between machines.</p>
<p>@Stein Roald once you have a clone of the git repository, you have the information that git-annex needs in able to get files from encrypted special remotes.</p>
<p>Question 1: While gcrypt supports multi-key setups, when you use the git-annex assistant to set up a gcrypt remote it only sets it up to use one key. It's left to you to arrange for this key to be on every computer that needs it. Or use command-line stuff to add additional keys later.</p>
<p>Question 2: You can certianly use the assistant to set up syncing between computers, but the only setup that currently provides 100% end-to-end enctyption of the git repository is using gcrypt. (Special remotes are 100% end-to-end encrypted, but as I've stated several times, do not contain the git repository data.)
Since you seemed to want 100% end to end encryption I suggested using gcrypt. There are simpler setups, like using XMPP, that encrypt everything but not end-to-end, so the XMPP server could snoop on it.</p>
<p>If you loose your computer, you can get your files back from any other device where you've set up a clone of that repository. A backup drive, another computer , etc.</p>
comment 7http://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_7_acd64ce1b08a97ddf730622272e9f611/Stein Roald2014-04-03T21:55:14Z2014-04-03T21:55:14Z
<p>Thanks again, Joey, for your time and for your kind answers.</p>
<p>I have tried to set up git-annex with 2 laptops, each with their own gpg-key in order to use a remote server with gcrypt (and those laptops have shared the keys with each other). I regularly use git, but so far I haven't been able to get this setup to work. But before I bother the world with these problems, I would be interested in learning how to do the following:</p>
<p><em>Question 3</em>: How can I use the git-annex assistant to set up a gcrypt remote (with one key)? It doesn't show up as an option as far as I can see (git-annex version: 4.20130815).</p>
<p><em>Promise</em>: When I get git-annex to work with gcrypt, I'll make a summary on how I did it (and maybe which mistakes I made so others can avoid them).</p>
comment 8http://git-annex.branchable.com/forum/2_clients_using_an_encrypted_server_for_syncing_-_possible__63__/comment_8_9baacb14fc5eb449cb13e0b4a4995fb0/joeyh.name2014-05-19T16:48:09Z2014-05-19T16:48:09Z
4.20130815 is too old. Get a current version.