An application for creating encrypted vaults for the GNOME desktop.

Related tags

Cryptography Vaults
Overview

Vaults
Vaults

An application for creating encrypted vaults for the GNOME desktop.

Download on Flathub

Main Window

It currently uses gocryptfs and CryFS for encryption.

Please always keep a backup of your encrypted files.

Note: This is an early release. It should work fine, however, UI might be inconsistent and is about to be polished in following releases.

Dependencies

Since the Flatpak version is sandboxed, you need following components installed on your system:

How to build

The simplest way to build Vaults is using GNOME Builder:

  • Click Clone Repository...
  • Enter repository URL
  • Press Clone Project
  • Click run/build button or press F5
Comments
  • Locking the vault doesn't unmount the directory

    Locking the vault doesn't unmount the directory

    Steps to reproduce

    Steps to reproduce the behavior:

    1. Go to default screen while vault is unlocked
    2. Click on the lock button
    3. See error

    Current behavior

    Lock closes, but the actual directory doesn't unmount. When I open the mount directory, I can still see all the files.

    Expected behavior

    Mount directory should be emptied, same way as when using the fusermount -u command

    Version information

    • Application: 0.3.0
    • Gocryptfs (if related): v2.3
    • Distribution: Fedora 36
    opened by slothtown 10
  • Can't resize file picker window

    Can't resize file picker window

    Steps to reproduce

    Steps to reproduce the behavior:

    1. Open file picker either from preferences or import menu
    2. Try to resize the window

    Current behavior

    Can't resize file picker window

    Version information

    • Application: 0.2.0
    • CryFS (if related): I do not install CryFS because theres no such package in fedora rpm repo
    • Gocryptfs (if related): 1.8.0
    • Distribution: Fedora 35

    Additional information

    https://user-images.githubusercontent.com/18339774/147463736-f9ae39fe-489c-4908-9c08-ce2071f2616d.mp4

    bug 
    opened by frnmz 9
  • "The encrypted data directory is not empty" error

    Situation: My Linux partition was basically bricked a few days ago. All files intact, and I accessed them from new Linux partition, including vaults files.

    • I placed the (gocryptfs) vault files into the correct place, all files intact. (home/name/.var/app/io.github.mpobaschnig.Vaults)
    • Downloaded and installed gocryptfs back-end.
    • I have the correct password to open the files.
    • The "unlock" icon on Vaults lights up. I press it, enter my password, and the error "The encrypted data directory is not empty" appears.

    I hope I came to ask at the right place. What does this error mean? and how to solve it?

    opened by andresmessina1701 4
  • No backends available

    No backends available

    Screenshot from 2022-05-10 20-58-49

    Vaults can't find CryFS backend.

    My setup: Fedora Silverblue 36, latest Vaults from Flathub stable, cryfs-0.11.2-1.fc36.

    $ rpm -qi cryfs
    Name        : cryfs
    Version     : 0.11.2
    Release     : 1.fc36
    Architecture: x86_64
    Install Date: Tue 10 May 2022 18:57:10 MSK
    Group       : Unspecified
    Size        : 4499524
    License     : LGPLv3
    Signature   : RSA/SHA256, Sun 27 Mar 2022 13:36:24 MSK, Key ID 999f7cbf38ab71f4
    Source RPM  : cryfs-0.11.2-1.fc36.src.rpm
    Build Date  : Sun 27 Mar 2022 13:05:17 MSK
    Build Host  : buildvm-x86-27.iad2.fedoraproject.org
    Packager    : Fedora Project
    Vendor      : Fedora Project
    URL         : https://www.cryfs.org/
    Bug URL     : https://bugz.fedoraproject.org/cryfs
    Summary     : Cryptographic filesystem for the cloud
    Description :
    CryFS provides a FUSE-based mount that encrypts file contents, file
    sizes, metadata and directory structure. It uses encrypted same-size
    blocks to store both the files themselves and the blocks' relations
    to one another. These blocks are stored as individual files in the
    base directory, which can then be synchronized to remote storage
    (using an external tool)
    
    opened by shdwchn10 3
  • Backend not detected when importing.

    Backend not detected when importing.

    Steps to reproduce

    Steps to reproduce the behavior:

    1. Go to 'Import vault'
    2. Select directory
    3. Click next
    4. See error

    Current behavior

    Installed backend not detected when importing an already made vault. While creating and using new one works.

    Expected behavior

    Installed backend should be detected when importing vault.

    Version information

    • Application:0.2.0
    • CryFS (if related):
    • Gocryptfs (if related):
    • Distribution:Fedora Silverblue

    Additional information

    New vault Import vault

    opened by Crono23 3
  • The 'Add' button is grayed out

    The 'Add' button is grayed out

    Steps to reproduce

    Steps to reproduce the behavior:

    1. Go to '...'
    2. Click on '....'
    3. Scroll down to '....'
    4. See error

    Current behavior

    A clear and concise description of the current behavior.

    Expected behavior

    A clear and concise description of what you expected to happen.

    Version information

    • Application:
    • CryFS (if related):
    • Gocryptfs (if related):
    • Distribution:

    Additional information

    Please provide the terminal output when the bug happens and if applicable, add screenshots or screencasts to help explain your problem. 129377434-56d870be-994f-4ad5-a513-f2c299a028fa

    opened by stepnjump 3
  • Nuking A Vault

    Nuking A Vault

    This isn't so much a bug I'd guess, as opposed to just the way things are in Linux with Flatpaks installed as User, AFAIK. As an experiment, I installed Vaults via Flathub as User to my Home folder, then I made a vault using CryFS. Then I simply arbitrarily changed all permissions of everything in Home, as for example, via chmod + read, write, & executable. The result was that Vaults no longer respected their passwords, even if I changed permissions of the flatpak folders (local and var) back to my best guess as to their defaults. This is all somewhat expected, but I thought I should report here how easy it seems to nuke vaults, unless there is some vital piece of information I'm missing in order to restore them after their flatpak contents' permissions are changed via even GNOME Shell File Properties. This was just an experiment; I had no important data in them. But I conclude if somebody was trying to keep important documents or whatever, they should know it seems very easy to destroy access to them with a simple command or GUI gesture, and I'm not sure it's possible to recover. I don't know how the encryption works, but I'm guessing any modification to file permissions ruins a key or config in the app directory? Therefore, I suppose it should be noted somewhere that Vaults ought to be installed as a System Flatpak to reduce the chances of this happening so easily. I didn't see it if it already is. I don't know. Or maybe somebody here knows how to recover after a weird, but simple scenario like this.

    Anyway, thanks for this neat app. I like it.

    Steps to reproduce the behavior:

    1. Arbitrarily change permissions of Vault flatpak folders back and forth.
    2. Try to re-enter a vault. Password will fail.
    • Application:
    • CryFS
    • Vault Flatpak (user install)
    • Distribution: Fedora 36
    not actionable 
    opened by JohannPopper 2
  • File chooser: Cannot select empty directory from inside

    File chooser: Cannot select empty directory from inside

    Steps to reproduce

    Steps to reproduce the behavior:

    1. Create new vault
    2. Open file chooser to set either mount or data directory
    3. Navigate into an existing empty folder you want to choose as directory

    Current behavior

    When in an empty directory in the file chooser, it is not possible to "select" the folder (button is greyed out). one needs to navigate one level up, mark the folder and can now click the select button

    Expected behavior

    When in an empty folder, it should be assumed that I could want to select the current directory as destination, and be offered to click the select button (or confirm via return-key)

    Version information

    • Application: 0.3.0 (flatpak)
    • Distribution: Debian unstable
    not actionable 
    opened by pymnh 2
  • Improved adaptive support

    Improved adaptive support

    Is your feature request related to a problem? Please describe. On smaller screens (e.g. pinephone and the librem 5) it would be easier to use the configuration dialogs if they took up the whole screen.

    Describe the solution you'd like Windows should take up the full vertical space on small screens.

    Additional context Possible resources: libadwaita and examples of adaptive menus in other projects like clapper.

    Images Note: These were take on the mobile QEMU image of PureOS

    image image

    enhancement 
    opened by alexpattyn 2
  • update translatable strings

    update translatable strings

    A small PR that makes three more strings translatable, namely:

    • the Vault Settings window title when editing vaults
    • the short descriptions of gocryptfs and CryFS, which show up when creating a new vault

    Furthermore I updated the German translation with these added strings.

    opened by systeminbits 1
  • POTFILES.in: Remove obsolete file references and reorder list for better readability

    POTFILES.in: Remove obsolete file references and reorder list for better readability

    I deleted the two old references to src/ui/pages/start_page.rs and src/ui/pages/vaults_page.rs. Both files were already removed a while back in 61c8441a84245cb3ba1187322acaae6593eeafe1. I also reordered the # src/-part, so that it's arranged like the rest of the list for better readability.

    opened by systeminbits 1
  • Automatically create mount directory with generated directory name

    Automatically create mount directory with generated directory name

    Is your feature request related to a problem? Please describe. I'd like to be able to mount multiple different encrypted directories without having to keep empty mount directories around.

    Describe the solution you'd like Select a parent directory where mount directories would be automatically created with (partially random?) generated directory names.

    Additional context e.g. I choose the parent directory /run/media/teohhanhui, and Vaults would generate /run/media/teohhanhui/Vaults-{uuid}

    opened by teohhanhui 1
  • Display a warning message to backup config file after making a vault with gocryptfs

    Display a warning message to backup config file after making a vault with gocryptfs

    gocryptfs in their documentation mention: The old principle still applies: Important data should have a backup. Also, keep a copy of your master key (printed on mount) in a safe place. This allows you to access the data even if the gocryptfs.conf config file is damaged or you lose the password.

    That's why I think it is important to warn user how important gocryptfs.conf is and tell them to back it up. So that when bitrot happens on the config files or user accidentally delete it they can use the backed up conf.

    Also I think having an unencrypted version of file as a backup is defeating the purpose of file encryption.

    Describe the solution you'd like Display a warning message after making a vault

    enhancement 
    opened by frnmz 2
  • Include dependencies

    Include dependencies

    This PR includes gocryptfs and CryFS into the flatpak.

    Draft until these issues are solved:

    CryFS:

    • [ ] Build from source
    • [x] init works
    • [x] open/mount works
    • [x] close/unmount works

    gocryptfs:

    • [ ] Build from source
    • [x] init works
    • [ ] open/mount works
    • [x] close/unmount works

    Closes: https://github.com/mpobaschnig/Vaults/issues/8

    help wanted 
    opened by mpobaschnig 9
  • Include the project on GNOME Circle

    Include the project on GNOME Circle

    First of all, thank you for your amazing work. I was using a script in nautilus with zenity to open my vault and even tried to build a gnome extension for it, although, I am not a developer. Thank you.

    May I suggest to include your project on the GNOME Circle. The project will benefit from more advertising and visibility, and hopefully also from contributions.

    enhancement 
    opened by f-fouad 1
  • Include encryption deps

    Include encryption deps

    Is your feature request related to a problem? Please describe. On distros like fedora silverblue you generally are discouraged from layering packages.

    Describe the solution you'd like Include gocryptfs, CryFS, libfuse in the flatpak.

    Additional context Considering these are sensitive deps I wouldn't want them included in the flatpak unless there was a way to have a flathub bot watch upstream for updates and make automatic PRs.

    enhancement help wanted 
    opened by alexpattyn 4
Releases(0.4.0)
Owner
Martin Pobaschnig
Martin Pobaschnig
An open source desktop wallet for nano and banano with end-to-end encrypted, on chain messaging using the dagchat protocol.

An open source wallet with end-to-end encrypted, on chain messaging for nano and banano using the dagchat protocol.

derfarctor 22 Nov 6, 2022
a handy utility to work with encrypted DMGs

edmgutil edmgutil is a simple wrapper utility to hdiutil to help you work with disposable, encrypted DMGs. It can decompress an encrypted ZIP into a n

Sentry 9 Nov 29, 2022
Encrypted memories

Diary - Encrypted memories Diary is a TUI program written in Rust for GNU/Linux / *BSD / Android (It probably works on other platforms too, but who ca

Arun Sojan Parolikkal 44 Dec 23, 2022
age-encrypted secrets for NixOS; drop-in replacement for agenix

ragenix ragenix provides age-encrypted secrets for NixOS systems which live in the Nix store and are decrypted on system activation. Using ragenix to

YAXI 91 Jan 8, 2023
Trustworthy encrypted command line authenticator app compatible with multiple backups.

cotp - command line totp authenticator I believe that security is of paramount importance, especially in this digital world. I created cotp because I

Reply 71 Dec 30, 2022
An encrypted multi client messaging system written in pure Rust

?? Preamble This is a pure Rust multi-client encrypted messaging system, also known as Edode's Secured Messaging System. It is an end-to-end(s) commun

Edode 3 Sep 16, 2022
Dione is an anonymize and encrypted messaging system build on top on a peer to peer layer.

Secure and Anonymous Messaging WARNING: Currently Dione is not ready to be used nor does it fulfill its goal of being an anonymous messenger. In order

Dione 41 Jan 5, 2023
NymDrive is a complete, end-to-end encrypted file syncing daemon that runs over the Nym network.

NymDrive NymDrive is a complete, end-to-end encrypted file syncing daemon that runs over the Nym network. Features Active file monitoring of changes i

Hans Bricks 16 Jul 12, 2022
Smarter brute-force password searching for PKZIP encrypted files

Zip Blitz Motivation This program was created for a very specfic problem I had. I had a large encrypted zip file that I lost/forgot the password for.

Michael 4 Jul 29, 2022
An HTTP proxy for assets (mainly images) to route requests through an always-encrypted connection.

camo-rs camo-rs is a frontend-compatible Rust-re-implementation of the now archived NodeJS-based atmos/camo - an HTTP proxy for assets (mainly images)

Dennis Schubert 7 Dec 8, 2022
Program to determine the password of an encrypted ZIP file via dictionary attack.

zip-dict-attack Program to determine the password of an encrypted ZIP file via dictionary attack. Inspired by this article. Usage Cargo is used to bui

null 2 Oct 8, 2022
A simple key-value store with a log-structured, append-only storage architecture where data is encrypted with AES GCM.

akvdb A simple key-value store with a log-structured, append-only storage architecture where data is encrypted with AES GCM. Modified from the actionk

Olle W 3 Oct 10, 2022
Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer of security for your most sensitive files.

Koofr Vault https://vault.koofr.net Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer o

Koofr 12 Dec 30, 2022
Bijou is a tiny yet fast encrypted file system.

Bijou ✨??✨ Bijou (['bi:ʒu], French for "jewel") is a tiny yet fast encrypted filesystem, built upon RocksDB. Bijou provides a FUSE interface, as well

Mivik 5 Sep 27, 2023
rustic_core - library for fast, encrypted, deduplicated backups that powers rustic-rs

Library for fast, encrypted, and deduplicated backups About This library is powering rustic-rs. A backup tool that provides fast, encrypted, deduplica

rustic 9 Sep 29, 2023
An extensible open-source framework for creating private/permissioned blockchain applications

Exonum Status: Project info: Community: Exonum is an extensible open-source framework for creating blockchain applications. Exonum can be used to crea

Exonum 1.2k Jan 1, 2023
Metaplex is a protocol built on top of Solana that allows: Creating/Minting non-fungible tokens;

Metaplex is a protocol built on top of Solana that allows: Creating/Minting non-fungible tokens; Starting a variety of auctions for primary/secondary

Metaplex Foundation 3.2k Jan 4, 2023
A framework for creating PoC's for Solana Smart Contracts in a painless and intuitive way

Solana PoC Framework DISCLAIMER: any illegal usage of this framework is heavily discouraged. Most projects on Solana offer a more than generous bug bo

Neodyme 165 Dec 18, 2022
A Rust library for creating solvers in the OP Stack's dispute protocol

durin • A framework for building solvers for the OP Stack's dispute protocol. Note WIP Overview durin-primitives - Contains primitive types and traits

Anton Systems 16 Sep 12, 2023