I’m aware that this is a bit of an advanced user case- pointing 3rd party apps at files in the Cryptomator vault, and hopefully I’m overreacting, but I’d like to get a better understanding of exactly how Cryptomator is handling files on my Android, and if indeed there are unencrypted versions of my files now hidden elsewhere on the android device.Īfaik that’s the standard procedure for keepass2android (at least for the sync-enabled version), it caches the kdbx and works against that.Īlso, I’d advise against using block-based sync for a keepass database. As despite receiving an updated database to the android device, KeePass2Android does not recognise those changes, and also retains the locally made changes. This behaviour suggests to me that Cryptomator has created an unecrypted copy of the file which is encrypted in the syncthing folder on my android device, at destination content:///decrypted - which is now its own independent file. But I cannot find the passwords I added on Android on any other database, and the password I added on Linux is not appearing in my Android database, despite closing KeePass2Android, locking the database, unlocking the database, and reopening KeePass2Android. I added a new password to the database on my Linux desktop, and sure enough, Syncthing appears to have propagated out that change to my other devices, including Android, as the database file in Cryptomator then showed that it had been modified within the last minute. But even with the Cryptomator vault unlocked, Cryptomator was still showing that the file was last modified 4 hours ago, even though I’d been adding passwords within the last few minutes. To complicate matters further, I made some changes to the KeePass database on Android, adding a few entries for app credentials e.t.c. This suggested to me that once Cryptomator on Android decrypts the files, they stay decrypted. But it would seem that on my Android, I now only have 1 line of defence to my passwords, which is the database master password itself, as it doesn’t need the vault to be unlocked and decrypted to access the file. On my Windows and Linux devices, if the vault is locked, KeePass can’t access the database file, which makes sense and is desired behaviour. However, I started to notice that KeePass2Android could still access this file even when the vault was locked. I couldn’t find this location by searching my files on the device, but no big deal. KeePass2Android then displays the filepath to the selected database on the login screen:Ĭontent:///decrypted/filename.ext Eventually I realised that by clicking on the KeePass database file, from within the Cryptomator app, I got the option to open that file with KeePass2Android, and everything went ok from there. I was expecting a virtual folder on my internal storage, a bit like Linux, but couldn’t find one. I was able to point Cryptomator at my local vault on my phone no trouble, But struggled to find a way to actually access the files outside of the app. this way I always have access to my passwords locally, but still encrypted, and whenever I make changes to the database, those changes will be sync’d across all my devices. This vault is then sync’d across my devices with Syncthing. My use case is that I have one particular vault which holds my KeePassXC database. I use Cryptomator across my devices and Operating systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |