Technical Implementation of Data Backup and Encryption using Syncthing and Cryptomator


Technical Report: Secure Data Synchronization and Encryption

Project Overview: Implementation of a high-availability and zero-knowledge storage solution.

1. Project Environment

Our infrastructure is based on a virtualized local network (LAN) designed to simulate a professional data environment:

  • Hypervisor: Oracle VM VirtualBox.
  • Node 1: Linux Debian/Ubuntu (Hostname: SRV-LIN-01 | IP: 192.168.1.12).
  • Node 2: Linux Ubuntu (Hostname: SRV-LIN-02 | IP: 192.168.1.10).
  • Network: Internal Network mode (intnet) for traffic isolation, ensuring all synchronization data remains within the private infrastructure.

2. Utility and Purpose

The combination of these tools addresses two critical IT requirements:

  1. Redundancy (Syncthing): Ensures that data is mirrored in real-time between two separate locations. This prevents data loss in case of hardware failure on one node. Note that a real-time mirror also replicates deletions and corrupted writes, so Syncthing's file versioning (or a separate offline backup) is still needed to roll back an unwanted change.
  2. End-to-End Encryption (Cryptomator): Provides a "Zero-Knowledge" security layer. Files are encrypted locally before being synced. Even if the network traffic is intercepted or the destination drive is stolen, the data remains unreadable. Cryptomator encrypts file contents and file names; it does not hide the number of files or their approximate sizes.
  3. Cross-Platform Interoperability: This setup allows seamless secure communication between different Linux distributions or even Windows systems.

3. Step-by-Step Implementation

Phase A: Peer-to-Peer Synchronization (Syncthing)

We deployed Syncthing to manage the continuous replication of the work directory.

The two devices are paired by exchanging and accepting each other's Device ID (a fingerprint of the node's TLS certificate), which links them via a mutually authenticated TLS tunnel. We then created a shared folder named SyncSIO.
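For an isolated intnet deployment like this one, the Syncthing configuration should also be checked so that no traffic leaves the LAN and the redundancy caveat above is covered. The following audit script is an added example, not part of the original report; it parses a constructed config.xml (placeholder device IDs, not the real nodes) with the element names Syncthing uses and flags public discovery, relays, NAT traversal, missing folder versioning and unpinned peer addresses.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a Syncthing config.xml (not copied from the nodes
# above); on Linux the real file is typically ~/.config/syncthing/config.xml.
# The device ID is a placeholder.
SAMPLE_CONFIG = """<configuration version="37">
  <folder id="syncsio" label="SyncSIO" path="/home/user/SyncSIO" type="sendreceive">
    <device id="PLACEHOLDER-DEVICE-ID"></device>
    <versioning></versioning>
  </folder>
  <device id="PLACEHOLDER-DEVICE-ID" name="SRV-LIN-02">
    <address>dynamic</address>
  </device>
  <options>
    <globalAnnounceEnabled>true</globalAnnounceEnabled>
    <localAnnounceEnabled>true</localAnnounceEnabled>
    <relaysEnabled>true</relaysEnabled>
    <natEnabled>true</natEnabled>
  </options>
</configuration>"""


def _flag(options, name):
    node = options.find(name) if options is not None else None
    return node is not None and (node.text or "").strip().lower() == "true"


def audit_syncthing_config(xml_text):
    """Return (severity, message) findings for an isolated-LAN deployment."""
    root = ET.fromstring(xml_text)
    options = root.find("options")
    findings = []
    # Traffic isolation: nothing should be advertised to or routed through
    # the public discovery servers, public relays, or UPnP/NAT-PMP.
    for opt in ("globalAnnounceEnabled", "relaysEnabled", "natEnabled"):
        if _flag(options, opt):
            findings.append(("medium", f"options/{opt} is true; set false to keep traffic on the LAN"))
    # Redundancy caveat: a mirror replicates deletions and corruption too,
    # so a folder without versioning cannot roll back a bad change.
    for folder in root.findall("folder"):
        label = folder.get("label") or folder.get("id")
        versioning = folder.find("versioning")
        if versioning is None or not versioning.get("type"):
            findings.append(("low", f"folder {label!r} has no versioning; deletions replicate"))
    # Peers on an isolated LAN have known IPs; a dynamic address means the
    # node relies on discovery instead of a pinned tcp://<ip>:22000 entry.
    for dev in root.findall("device"):
        addrs = [(a.text or "").strip() for a in dev.findall("address")]
        if "dynamic" in addrs:
            findings.append(("info", f"device {dev.get('name')!r} uses a dynamic address; pin its LAN address"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_syncthing_config(SAMPLE_CONFIG):
        print(f"[{severity}] {message}")
```

Run it against the real config.xml of each node; an empty result means discovery and relays are off, every folder has versioning, and peers are pinned to their LAN addresses.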

Phase B: Vault Creation and Encryption (Cryptomator)

To protect sensitive files, we added an encryption layer. We created a vault named SIOSECRET located inside the Syncthing synchronized folder.

Phase C: Verification and Security Proof

When the vault is unlocked, it mounts as a virtual drive where files are handled normally.

To demonstrate the security, we inspected the synchronized folder directly through the standard file explorer. Only the vault's encrypted structure is visible there: the vault's key files and a d/ directory whose file names and contents are ciphertext rather than the original documents.

  • Technical Note: This proves that the data is encrypted at rest. Without the Cryptomator software and the correct password, the content is strictly inaccessible. This protection applies while the vault is locked; on a node where the vault is unlocked, the mounted drive exposes plaintext to any process running under that user account.

4. Conclusion

This architecture provides a professional-grade solution for securing sensitive data. By decoupling synchronization (Syncthing) from encryption (Cryptomator), we maintain total control over the data without relying on third-party cloud providers or unencrypted local shares.
