Local Encrypted Note Application?

I figure someone here will have an answer for me. I am looking for a simple note taking type of application that will encrypt text files and store them locally.

I do not want web integration or cloud storage: I just want to make a document, encrypt it and store it on my computer. I will back up the encrypted files with my usual routine backups.

What would fit my use case would be Gnotes with an encryption option. But all my searches are spitting out is cloud based notes applications with a few having the ability to self host the server. That seems a bit over the top for what (to my simple brain) should be a simple app like keypass but with more than just the password field encrypted. (My understanding of keypass is that the passwords are encrypted but not any of the other fields in the database.)

Any thoughts, ideas or paths to pursue are greatly appreciated.

I’ve read LibreOffice can encrypt documents with a GPG key. The functionality is in the save menu.

2 Likes

Ah— yes! You could use emacs with org-mode and seamlessly encrypt and decrypt your notes with style and ease.

1 Like

You can use LibreOffice for documents and encrypt with GPG/PGP :
https://help.libreoffice.org/6.3/en-US/text/shared/guide/openpgp.html?DbPAR=SHARED

If it’s notes you can just use GPG/PGP on the file.

Standard Notes or my preference, Joplin. Both have cloud options, but are local-only by default I think. I know my Joplin isn’t connected to anything else.

Thank you, everyone for the input.

I will have to sit down this weekend and see what LibreOffice has up it’s sleeve. I will also look at emacs, Standard Notes and Joplin. I stumbled upon EncryptPad and I may take a look at that, too.

The more I think on this, the more I think I want a stand-alone app like a password manager but for notes instead of passwords. I use LibreOffice regularly, so that work flow might be hard to create. I will update this when I get a chance to try some of your suggestions.

And, if you have more ideas, feel free to add them! Thank you again.

Not sure you specifically want to encrypt individual files, but my solution is somewhat different. On my work laptop I created a hidden encrypted folder (eg .vault) and with a Python script I mount it to a folder (eg Vault). I use a python script, as that gives me a neat TSR program in the tray (I use XFCE on that laptop).

In this folder I save every sensitive document and when mounted, it works as a normal directory.

I use encfs for this (encfsui) and the Python script I use is this:

#!/usr/bin/python
import os
import gi
gi.require_version('Gtk', '3.0')
gi.require_version('AppIndicator3', '0.1')
from gi.repository import Gtk as gtk, AppIndicator3 as appindicator
def main():
  indicator = appindicator.Indicator.new("customtray", "nm-vpn-standalone-lock", appindicator.IndicatorCategory.APPLICATION_STATUS)
  indicator.set_status(appindicator.IndicatorStatus.ACTIVE)
  indicator.set_menu(menu())
  gtk.main()
def menu():
  menu = gtk.Menu()
  
  command_one = gtk.MenuItem.new_with_label('Vault')
  command_one.connect('activate', vault)
  menu.append(command_one)
  exittray = gtk.MenuItem.new_with_label('Close')
  exittray.connect('activate', quit)
  menu.append(exittray)
  
  menu.show_all()
  return menu
  
def vault(_):
  os.system("encfsui $HOME/.vault $HOME/Vault")
def quit(_):
  gtk.main_quit()
if __name__ == "__main__":
  main()

But you can of course just use the command encfs $HOME/.vault $HOME/Vault if you want to run it from the terminal.

Edit Maybe Cryptkeeper is something you might wanna look into, instead of my Python script.

Thank you for sharing your script and giving me another application to look at.

It appears Cryptkeeper is deprecated on Ubuntu, et al. But there are other front ends available for encfs…

This all is just making it more obvious to me that I really should finally learn something more about encryption on Linux. I have avoided it for a very long time.

Thank you for the input, I followed up on these two today.

I started playing with Joplin this morning and it appears that Joplin has end to end encryption but not at rest encryption (and, it is a point of vigorous disagreement apparently).

I will play with it some more after I solve for my current desire. It does look like a nice application.

I installed Standard Notes and it looks like it has the encrypt at rest function I was looking for. I’m not keen on the $29 to be able to get anything other than searing white for the theme. It’ll go on the short list while I continue to explore.

I just spent five minutes reading the tutorial because I couldn’t figure out how to start a new document… I’m thinking the price of admission may exceed the benefit to me at this time. Thanks?
:grin:

2 Likes

Ok. I feel like the guy who needs a pickup truck to move a couch across town and all that is available is

:thinking:

1 Like

That truck thou.

1 Like

So, here is what I have decided on (for now): I created a spreadsheet in LibreOffice and set a 30 random character password that I created in KeePass for the purpose. It appears that should be secure enough for keeping my collection of confidentialities from prying eyes.

I need to learn more about how encryption of individual directories works in practice and that will be on my “to study list”. And, I’m off to play with Joplin for a while as well.

Thanks for everyone’s input. Any other thoughts and ideas are still very much welcome.

I know, right?

1 Like

ETA: Update/solution in next message.

@snorlax I’m going to blame you, if that’s ok. :upside_down_face:

I’m playing with Joplin and I think I set up sync with a local folder on my system. Unfortunately, I appear to be doing it wrong because nothing is showing up in the sync directory even though Joplin claims it has successfully synced the notes.

It asked for an “absolute path” to the sync folder when I set up local sync and I gave it one, I think:
/media/computer/Linux Data/Documents/Computer Transfer Info/Joplin Notes Backup

Given that Joplin claims successful sync, I guess it is syncing somewhere. I checked the .config for Joplin and it shows the sync folder I input as the target.

I have tried searching my system for the sync file but I am not finding any likely candidates. I have searched on the web for others with the same issue and answers but have not found anything yet.

I wondered if it was because of the spaces in the absolute path and tried to to change the target with ’ and ’ to pass the spaces but no joy. So I tried " and " with no effect. Joplin says it is syncing. I say I am Linuxing wrong.

Any idea what my major malfunction is? Wait, let’s just limit this to Joplin and Linux. Ok?

Thanks for any insight you (or anyone else) can share.

I have just successfully created a sync using a path to a directory in Home. It then occurred to me that this is a flatpak. :man_facepalming:

It looks like I found me a bug! The flatpak doesn’t have permission to access the Linux Data directory but reported successful sync to it anyway. I used Flatseal to give it permission to access the backup directory and Voilà! Sync filled the directory with files.

I’m off to Github to see if this is a known bug.

Sorry for dragging you all along on my bumblefest.

Let us know what you find out! I just installed mine through the package manager, and I don’t encrypt mine.

I am not encrypting Joplin, I was just trying to use it and sync the notes. It wasn’t available in Mint’s package manager as a native app, just as a flatpak so there I ended up.

I reported the bug on GitHub, so I have “contributed”. I still need to dive into encrypted directories and the like. But there be dragons: Your data is so secure even you can’t see it.

1 Like

The options available to you are really defined by what kind of notes are you taking. Simple flat files, plain text or something grander?

You can use something like jrnl (jrnl - The Command Line Journal). Simple, but extensible like if you wanted to use vim for your editor rather just stdin of the shell. Encryptable. The bonus things I like about this project is that they all show you how to decrypt your files and access them should the jrnl project be discontinued.

I have used Joplin before but have ran into issues in syncing which may not be a thing for you. If you change the location you can lose your ability to decrypt. That may have been fixed.

Another option that I would suggest and it may just be the route I am going with myself is to use encrypted images that I mount and unmount at will (or can script), use my editor of choice, add the photos, whatever data types, etc in whatever file hierarchy that makes sense for my needs). For this I am siding towards Tomb ( Tomb :: File Encryption on GNU/Linux). It is a nice wrapper for cryptsetup, scriptable, and like the aforementioned project provides documentation on how to get to your data should the project cease or you want to pursue other solutions.

I still have not gotten settled into using GPG. Tried but never had any interaction needs with and generally it all went wayward. Will have to fix that though.

1 Like