Cryptomator sync with OneDrive to replace NAS

Hey everyone,
I was wondering if anyone of you could give me a hint to tackle one of my “projects”. I currently run a Synology NAS to store family shared files. As I have my NAS backup everything into my OneDrive cloud and as I don’t trust Microsoft, I store everything on my NAS in a cryptomator vault. This way I can also access my files from my smartphone directly in OneDrive. NOW, I’d love to get rid of my NAS and only work in the cloud. The desktop app of Cryptomator isn’t capable of accessing vaults in the cloud and it’s not possible to work on files locally and have them synced to the cloud automatically, I thought about the following: I could have an desktop app like OneDrive establishing the connection to OneDrive Cloud. Nice thing about this is, you work on the files locally and it uploads changes to the cloud in the background. Then I can also open the cryptomator vault in the OneDrive cloud via the OneDrive app. To me this sounds like an almost perfect solution. BUT, as I don’t trust Microsoft I’d love to replace the OneDrive desktop app by a more trustworthy, ideally open source app with similar functionality. Question to you: Has anyone realized something similar, and how did you “build” it? What app would you recommend to replace OneDrive?
Thanks a lot in advance for any recommendation or tipp you can give me for my “project”.
Best regards

The desktop app of Cryptomator isn’t capable of accessing vaults in the cloud

Am I misunderstanding what you’re saying? My Cryptomator vault is in my Google Drive in the cloud and I’ve had no issues accessing it from the Windows app or working on files locally in my vault and the changes being synced correctly. It’s how I access my password database between all of my devices (Android phone, iPad Mini, and two Windows 10 systems).

Are you talking about accessing your vault directly from the cloud storage provider and not through a local sync application?

Hey Fritz,

I have realized a solution you would like to have and which is working now without problems over a year.

The structure is similar to OneDrive, but encrypted and using open source. There is a local folder containing some vaults (I am using several vaults for better performance). This folder is synchronized by using nextcloud which is open source. The target for synchronization is a place in the cloud (I am using an european cloud server). Cryptomator itself is set to automatically start and open the different vaults and used in the WinFuse mode. For a better structure on the PC I got hardlinks from by original folder to the “cryptomator drives” (but this is optional).

In the end I got:

  • All data are in the cloud, but encrypted with no knowledge by the cloud provider.
  • At the same time all data are local for usage without internet connection.
  • Sychronizing is real fast by nextcloud (I am using 10MB upload).
  • No limitations by web.dav (file date remain unchanged).
  • No MS, Google or whatelse are involved.
  • Access by different clients with the same structure is working fine.
  • Even access by mobile is possible with the cryptomator app

Have fun with your project. It would be great to hear if this is working for you as well.
Best regards

Hi Kurt,
this sound really interesting. Do you actually use a Nextcloud Service? I actually involve MS because I use their OneDrive. In the MS365 Family package, 6TB of Cloud Storage is very, very affordable. I do trust MS with regards to security and availability, but not with privacy. That`s why I use Cryptomator for my OneDrive Cloud Storage. The only thing missing is a OneDrive App-like sync of vaults so that I have everything locally AND in the cloud. Just like you described it. But I am not using a Nextcloud service/server, but OneDrive. Any thoughts on this? Do you think this would work with your approach?
Best regards

Hi Fritz,

it should work with OneDrive as well; indeed my solution is built with the prinziple of OneDrive.

My setting with nextcloud:

  • The nextcloud client demands an own directory.
  • The nextcloud directory does have subdirectories - each of them containing all data of one (encrypted) vault (for better performance I spread the data out of different vaults)
  • Cryptomator is linked directly to these subdirectories.
  • All data in this directory (whole branch) will be synchronzied automatically by the nextcloud client between local directory and cloud directory.
  • On a separate device (eg tablett) I do have the same structure, again synchronized by the nextcloud client
  • Access via the cryptomator app on a mobile is possible as well (read only - but quite enough for the purpose of taking away the data.


  • If you just have the same structure in the local OneDrive directory instead of the nextcloud directory, the onedrive client should synchronize instead of the nextcloud client.
  • Since only the encrypted data are synchronized MS does get no knowledge neither of the data nor the password.

Looking forward to your feedback.
Best regards

I am accessing a local vault which is synchronized by the local sync application (e.g. nextcloud) with the cloud. The reason for that is to be independent of an actual internet connection. Therefore I have common data if all devices are synchronized - aside the possibility that different persons are changing the same parts of their local data at the same time or at different times but not synchronized in time (a setup, which is not representing my situation).