You know how you can find a problem at work and after nothing pops up online you have to go to the forum for answers? Yap. That’s where I’m at!
I’m looking for some information on how CryptoMator actually stores the Vault.
Last week I began playing with a client and went through the steps to create a vault and took information in and out and ‘forgot’ my password and tried out the Key re-entry process. It looked great! The problem is, I tried something a little more invasive today and ‘deleted’ the folder on the server (I created the vault on our file sharing server), and I was STILL able to log into the files.
You can imagine my surprise!
This not only left me very concerned about unmanageable mass of data on the server, but it also made me realize that our back-up software would probably be unable to backup something we can’t see. Is something wrong if I can’t see the vault?
I noticed that in one of the tutorials there is a ‘vault’ icon, but I never saw that in the client interface.
Cryptomator desktop does not sync or connect with your online storage. It creates local files and your storage provider app does the sync to the online storage.
If you open cryptomator, you’ll find a file path richt below the vault name on the left.
This is the path you selected as vault location during the vault creation process. And this is where the encrypted vault files are stored.
Not sure, but I think you’re assuming that we use cloud storage, but we are almost entirely on-prem.
The reason for my post is that while the files are definitely being stored, and I can see the folder I created for the storage, the ‘vault’ itself is invisible to the network administrator and seems to be still intact when the folder is deleted!
I can’t suggest to my network administrator that we adopt this software if there is a very real threat that someone could drop TB’s of data on our server that we can’t even see or manage.
~ Also Michael
A vault is a directory with a certain structure on your filestorage. When you create a vault, this structure is initialized and you can see (and access) the vault storage location by selecting inside the Cryptomator App a vault and click on the grey file path right under the vault name:
Your file manager opens with the vault storage location:
If you delete files or folders there, the files cannot be restored by Cryptomator. Even worse, you can corrupt the entire vault and make it unlockable.
If the vault folder is now stored inside a directory, which is synchronized by sync app, then files are only deleted for everyone, if the sync client on device A snyced it changes to the server and the server synced the changes to all other devices.
The vault access point (i.e. to browse through the decrypted vault content) is only accessible for the currently logged in user.
I think we’re seeing two different scenarios. Possibly a glitch in the demo software?
As I said in my second post, I didn’t see the ‘green’ icon that you see in that graphic you shared before I deleted the folder on the server. If I should have seen that icon along with those other files you see in your above image, can you reaffirm that? We can work backwards from there.
I don’t know which “green icon” you mean.
The ‘masterkey’ and ‘vault’ files. They’re green.
If the files
vault.cryptomator are not present in the vault storage location, the vault cannot be unlocked.
Hence, if you can still unlock your vault, you deleted the wrong directory.