🦀🔒 crabguard: A cli tool for end-to-end encryption for remote and local storage
- Encrypted upload, download and delete operations on Amazon S3 storage
- AES-GCM symmetric encryption with random 96-bit nonce
- Hashed filenames using sha256
- File chuking (currently chunk size is hardcoded to 1MB)
- Resume upload/download when interuppted
- Handles big files (as large as the disk can handle)
- Handle incomplete/corrupted files
- Password based key derivation
- Dynamic file chunking
- Improve latency and performance (e.g. upload/download multiple chunks in separate connections)
Create a .env file like so
AWS_ACCESS_KEY_ID=...
AWS_SECRET_ACCESS_KEY=...
AWS_REGION_NAME=us-west-004
AWS_ENDPOINT=s3.us-west-004.backblazeb2.com
AWS_BUCKET_NAME=testbucket
When the upload command is run a new key will be generated and stored in your .env file. It goes without saying that you should backup this key. If you lose it you can't decrypt your files or even the filenames.
cargo r --release -- upload ~/Downloads/23-08-11\ 11-35-15\ 3555.jpgcargo r --release -- download 23-08-11\ 11-35-15\ 3555.jpgcargo r --release -- delete 23-08-11\ 11-35-15\ 3555.jpgcargo r --release -- listcargo r --release -- mnemoniccargo r --release -- keygen "train switch nuclear device polar tilt shift hurry board stick recall device"