I’m brand-new to Cryptomator and am trying to encrypt files that I store in iCloud. Everything seems to be uploading and syncing ok, but I have questions in two areas and would love your help.
If my laptop is stolen, broken or lost, I want to be able to access my iCloud files remotely. To test this, I logged into iCloud today (through icloud.com).
When I logged in, I saw the encrypted folder I’d saved in iCloud, and could download the contents (which include the Cryptomator master key). This then opened Cryptomator on my Mac,. The downloaded (encrypted) files prompt a ‘new’ vault in Cryptomator, located on my Desktop, which is the destination for all my downloaded files.
However, when I tried to login with the password for the vault it originally belonged to (i.e., ‘Client Files’), I get this message: “Vault already initialized”. So, two questions:
(a) Would I need to go through the process of creating a new vault, with a new password, in order to access the downloaded files?
(b) If I were logging into iCloud remotely, would I also need to download Cryptomator onto the new device in order to access these files?
When Cryptomator opens up my confidential folder, I see in my Mac’s Finder that the confidential folder’s directory shows up under’localhost’, in the WebDAV format. (This was in addition to its location in my iCloud Drive). It also had the ‘three people’ icon which I understand means that it’s shared. But when I quit Cryptomator, I can no longer find the folder under localhost. So is this localhost folder essentially the temporary location on my computer that I can access while Cryptomator is open - and it’s being shared with Crytomator only?
When I quit Cryptomator, I then see a box saying ‘Server connections interrupted’, with this shared (‘three people icon’) folder displayed. I can choose to ‘Ignore’ or ‘Disconnect All’. What does this mean? Is this something to do with iCloud not being able to fully sync?
This might be related to (2) above: when I went back into Cryptomator just now, I was not able to view the vault.
Instead I received a message displaying Apple’s ‘three person’ icon, and the words:
“Unsecure connection… The baseURL provided uses an unsecured method for network communication. To use a secure connection, you must use a server that supports SSL.”
Has this got something to do with that three-person icon mentioned in my initial quetion?
Thanks all for your help
No need to do that in your scenario as you can access the files with a new device.
Absolutely not. This would mean that anyone who has access to your encrypted files could decrypt them without knowing the password that was used for encryption. Doesn’t make sense, doesn’t it?
So, to access a existing vault, use the “ad existing vault” function.
Exactly. Cryptomator does the encryption and the decryption on your device. So you need it installed on your device.
Cryptomator does mount your vault via WebDAV and this is why you see the unencrypted files in the WebDAV drive (local host).
What do you mean with “in addition to its location in iCloud”? If you see unencrypted files into your iCloud Drive, they are not encrypted by cryptomator and therefore unencrypted saved online. You should see the unencrypted files only within the WebDAV drive (localhost)
Cryptomator does not sync anything. Sync is performed by the storage provider tools.
As I’m not on Mac, i cannot say for sure what this message caused.
Thanks for your answers! They make sense. I’ve tried accessing my files from a different Apple device and have done so successfully.
However, the way that I’m being prompted to do so is raising a question about how I’d access this encrypted folder a PC or a machine which didn’t actually the iCloud synced to the machine itself (i.e., a machine which didn’t have files - in Finder, in a Mac’s case - that are mapped to sync to their destinations in iCloud.
Here’s what I’m doing:
Log in to iCloud on a new device, and navigate to the encrypted folder
Inside, I can see 2 folders (containing encrypted, nonsensical items) and 2 files (‘masterkey’, and ‘masterkey backup’).
I click on ‘masterkey’ to download it.
Once it’s downloaded, it opens Cryptomator on my current device.
Cryptomator shows a new vault called “/Downloads”, and prompts me to create a new password for it. [If I do that, and click ‘Create Vault’, it says ‘Vault Already Initialised’. (This is, I’m assuming, to make sure someone can’t just created a new encrypted folder to see the contents of my folders - as you said in your reply above.)]
Instead, I click on ‘Open Existing Vault’.
Here’s the bit I have questions about. Cryptomator now takes me to my Finder to select a folder. Because I’m on a Mac that happens to have my iCloud synced to it, I can navigate to the correct folder that’s synced with my iCloud drive on the computer, and I can successfully open the encrypted folder.
However, what if I were accessing this data on a PC, or a Mac that didn’t have my Apple ID logged in, and so could only access the files through iCloud’s web platform - iCloud[dot]com?
I.e., if I weren’t able to tell Cryptomator to navigate to a folder in iCloud Drive (i.e., not simply a folder on iCloud.com), how would I open an existing vault in (7) above?
I hope that’s clear, and that the distinction between files accessed through the machine (a direct link to my iCloud drive) and files accessed through iCloud[dot]com, is clear. I know that in both scenarios the data is still stored on the cloud; it’s more a case of how I would access these files if I could only access them through the website.
It is not possible to connect cryptomator with your encrypted files via iCloud webinterface.
But I assume you are looking for a way to access your vault on PC without having the encrypted files synced to your PC. If Im right, this solution might be interesting for you:
Great! Thanks for your reply - Cyberduck looks perfect. I see that I don’t need Cyberduck and Cryptomator, so could I leave it for now and then - if and when the time comes that I need to access the iCloud web interface - download Cyberduck at that time?
Or would I need to have it set up ahead of time in order to access files through it later?
Short answer: No, you don’t have to.
You can install cryptomator and open existing vaults any time you like to.
Complete answer / version notes:
If the vault you want to open does not match the cryptomator version you want to use, then you will receive a notification and cryptomator will make necessary updates to your vault automatically if needed.
This is for example the case if you want to open a vault that was created with an older cryptomator version (and never been updated), and you try to open it with an up-to-date version of cryptomator.
But, as cyberduck usually uses an actual source code version of cryptomator, your vault should always be up-to-date and fit any newer version of the standalone Cryptomator Desktop App.
You might notice that ther’s an iOS and Andoid app as well. These apps access your vault directly in the cloud without syncing anything to your device. Its the same here: if you someday decide to use these apps, just install them and open an existing vault. No need to install them ahead of time.
