Secure way to share a one large file

Hello everyone,
I have a large file (~20GB) that I’d like to send to someone in a secure manner. I’m worried about the large cloud companies accessing and/or knowing that I am sharing this file. Does anyone have any experience with something like this? I was thinking of zipping it with 7zip while randomizing the name and adding a password to the archive to obfuscate the file. Then to distribute the file to a handful of people I was thinking I could create a VM on Linode or Digital Ocean harden it and then grant SSH access to the few users I want to download the file via SSH.

Does anyone have any better suggestions or see any flaws in my proposed plan?

It’s easy enough to setup an isolated vlan, an OpenVPN server and a virtual machine on your network. Then distribute the opvn file, username and password independently.

I’ve set up precisely this for sharing with friends without risking my network. If I have any doubts I can simply revoke certificates.

That’s a good point @neogrid. Thank you for your response. I already have OpenVPN and VLANs setup currently so that would be relatively easy. The only down side is my connection. I only have a 15 Mbps upload speed. I will consider that though.

What do you think about password protected 7zip files? Do you think something like that will hold up if someone really wanted at it? Do you know of any programs to encrypt single files that does a better job?

I’ve used KeepassXC to distribute stuff, you can also use a key file which the user needs to unlock keepass, that can be distributed by another means. I figure password managers must be difficult to crack, especially if a key file is required.

7zip is probably more focused on compression.

Actually I see it also does encryption, should work. But maybe a brute force attack could work. Probably best to use several layers of protection.

Just put it in a zip file, set a password (encrypt it) and maybe split it in small parts. These small files are easier to handle and distribute.

Setup Syncthing. Even if you have a slow connection, it doesn’ matter. Go to bed and then to work, do some stuff, go to bed again and work and the file will be transferred. You can acctually forget that anything is happening. :wink:

You do have the option of using asymmetric encryption based on PKI with opensource solutions like the PGP tools this will mean that you have over the wire and at-rest encryption should you need it. Of course, encryption/decryption of files of that size is quite tedious, but you could also chop the file into 20 x 1 Gig chunks :slight_smile:

Thank you everyone! I completely forgot about Syncthing. That might be an easy solution. PGP Tools is also something I’ll look into.

There’s always Fedex.

1 Like

Upload it to an ec2 instance or s3 bucket with a free AWS account and send the ssh keys via telegram. Enable SSL and encryption at rest.

This is pretty secure too: