What the title says. I was looking into paperless-ngx but it seems to offer no built-in security. I’d ideally want some kind of encryption and if i enable remote access have some control over sensitive documents
What the title says. I was looking into paperless-ngx but it seems to offer no built-in security. I’d ideally want some kind of encryption and if i enable remote access have some control over sensitive documents
This has been exceptionally done to death on Reddit but I'll say it here since Reddit is dead.
Authentication -
If what you're looking for is a login front end you could check out paper merge - personally I've got Keycloak and Nginx running so I can just make my own login page anyway and put paperless behind it.
Stuff with sensitive documents should probably not be on the internet anyway unless you're a really advanced user.
Encryption -
In app encryption offers no security because the encryption key is stored in RAM and likely a database entry that must be unencrypted.
So the Devs are 100% correct in stating that it gives people a false sense of security to offer it as a feature.
Best bet is to have an encrypted filesystem or alternative encrypted storage buuuut, also understand that encryption key is also stored in RAM.
TLDR: There is no point in Devs offering in app encryption when you should already be encrypting the filesystem.
Thank you, very helpful! And also thanks for putting this info on lemmy :) I figured asking the question here was a good way to get some of that insight here.