I am trying to add RC4 encryption when files uploads to my s3 bucket and decryption when I download files from the s3 bucket using the s3fs file system. I don't know what function should I add my encryption and how. can somebody help me with this?
CodePudding user response:
JuiceFS is a cloud file system, built on top of S3. it supports encryption at-rest.
You could mount a JuiceFS volume at the instance, write or copy files in the mountpoint, e.g /mnt/jfs
like local disk. The data of file store in your S3 bucket with encryption. When you read files, it could be decrypted automatically.
The different part between S3FS and JuiceFS, S3FS is only an adapter to convert S3 API to POSIX API without full compatibility, also you could download file from S3 bucket directly. JuiceFS have it own metadata storage, use S3 only as data storage layer, files will be stored in the bucket splited into data blocks, by default 4MiB each. So you could not read files from S3 bucket. The benefit from this design, JuiceFS has full POSIX compatibility (also compatible with HDFS and S3 API) and better performance than S3FS.
For more detail,
CodePudding user response:
Please note that RC4 is not a good choice for data encryption, the password can be hacked less than 2 mins.
If you want to encrypt data before upload to s3, you can use some tools pre-process and then copy them to s3fs mountpoint. For example: cryptomator、SiriKali、Boxcryptor.
The ideal way to encrypt data and upload to object storage is choose the tool which has encrypt function, such as JuiceFS, Rclone, Restic and so on.