Nitrokey3 and Cryptomator


after successful integration of keepassXC with Nitrokey3, I wonder if a similar thing can be done with Cryptomator ( Cryptomator is an open source file encryption service, where you can create containers end they are end to end encrypted in any cloud storage.

Similar to Keepass it would be desirable if one can add multiple hardware keys to one encrypted container containing file. Additionally, of course it would be nice to encrypt each Cryptomator container with a different derived key (maybe via FIDO2-hmac-secret?).

Just some idea for future use cases.

Would be a nice feature but there is not much pull.

Yes, that would be very interesting. I wonder how they’d implement it, though, given they also have a team-based implementation.

An open-source project that supports FIDO2 to unlock a filesystem-based encryption is gocryptfs. Since it is fuse-based, it supports reverse-mounting a local directory with a remote (cloud) encrypted counterpart.