This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Recommendations - best practices on syncing Knox Vaults on multiple Macs?

martin-jo
martin-jo Junior Member
edited December 1969 in Knox
Hi there,



I have been using Know since a few weeks now and think this is the currently "me-friendly" setup to encrypt my data (unless I would want to use Truecrypt).



However, I wonder what would be the best way to update / synchronize vaults on multiple Macs?

In an efficient manner.



The scenario:

I have two Macs, one iMac in my office, one Macbook Pro (MBP) for when I am traveling.

For my work I keep various vaults, e.g. one for my office stuff (tax, bills, calculations, whatever), one for projects (might need to extend it to one per project depending on size), one for my knowledge DB etc.

Now I have used Chronosync for a long time to keep my Macs in sync. This was easy with network shares or simple folders.

With the Knox-operated vaults the encryption comes into play, requiring me obviously to open the vaults first.



My current process:

- Copy initially all vaults to be kept on both machines, then work on each machine (and let the fun begin)

- Share the folder with all the Knox vaults from my iMac on the local network

- Connect with MBP to the shared folder

- Open both vaults on the MBP o(manually, since I do not like to keep the password in the Mac's keychain)

- Start Chronosync on the MBP to synchronize both ways



I also figure that I need two different names for each vault-pair, like "Projects-imac" & "Projects-MBP" in order not to run in an error message with Chronosync.



I certainly do not want to copy the complete vaults (GBs!) each time I come home, so I only want to sync the differences. Chronosync (basically rsync) does this. I also might tend to forget on which machine I worked last, so I need to sync, not copy.



So, that is my scenario and process - this is still a LOT of manual work.



Am I missing something? Have I created a clumsy setup?

How do you keep your various vaults updated?



Oh, please note - I have read the threads on Dropbox. And the potential problems.

While I am currently using Dropbox to sync "Things" and maybe also the 1Password key-chain (even though a part of Paranoia-me says "Don't put that sensitive information out there") I am NOT looking for an ONLINE sync solution such as Dropbox (upload speed is too slow, and again Paranoia-me).



Any ideas are highly welcome.



Thanks

Martin-Jo

Comments

  • MikeT
    MikeT Agile Samurai
    edited December 1969
    You can automate most of that with bash script.



    Here's a link to look at,

    [url]http://bubba.org/wiki/index.php?title=Encrypted_Remote_Backups_with_Sparse_Bundles[/url]
  • MartyS
    MartyS AgileBits Customer Care (retired)
    edited December 1969
    Welcome to the forums, Martin-Jo!



    The first thing you need to decide is are you going to sync the vault as a singular item, or the files/folders within the vault.



    If you plan to sync the vault then you need to be sure the vault is closed before making a copy of it. Unless you are extremely disciplined, this can be a big issue. Also, when a file is changed in a vault the whole contents of the vault may need to be copied because the bits of the file may be scattered throughout the blocks... just like on a real disk volume. Some sync/backup utilities understand how a Knox sparse bundle is constructed and may be able to clone only the bands that have changed but some other utilities might just see the whole thing has changed.



    It sounds like you want to make changes on any of the computers as well. This becomes the same issues you have with a removable USB stick: is my current document on the stick or is it in my home folder? Both locations can be edited, independently, and you don't want to lose any updates.



    If you decide to sync the contents of the vault then you'll need to mount it before the sync program starts, so if the sync is automated in some fashion you need to take care of that (and how will the password be provided).



    One other thing to consider is security. If your syncing involves a network drive of some kind, the transfers over the network can be seen by packet sniffers. If the sync is of the vault then that's not a concern because the bits are encrypted the whole time. If you're syncing the contents over a network then they are in the clear during that transfer.



    I don't think there's a right way or a wrong way. Whatever route you take, it's all going to come down to how you practice the art.



    I bet you'll get some additional comments from others that have actually made the choices themselves and have some insight into their own situation.