Advanced Usage

Explore advanced features like compression, auto-encryption, scheduling, and key rotation.

Compression

Compress files before encryption to save space, especially useful for text files and archives: 

# Encrypt with compression
nokvault encrypt large-file.txt --compress

# Compression is automatically detected during decryption
nokvault decrypt large-file.txt.nokvault

Compression is particularly effective for text files, JSON, XML, and other compressible formats. Binary files may not compress much.

Excluding Files

When encrypting directories, exclude certain files or patterns: 

# Exclude temporary files
nokvault encrypt ./documents --exclude "*.tmp" --exclude "*.log"

# Exclude specific directories
nokvault encrypt ./project --exclude "node_modules" --exclude ".git"

Auto-Encryption with File Watching

Automatically encrypt files when they're created or modified in a directory: 

# Watch directory and auto-encrypt
nokvault watch ./sensitive --auto-encrypt \
  --keyfile ~/.keys/master.key \
  --delay 5s \
  --exclude "*.tmp"

The --delay option prevents encrypting files that are still being written. The watcher runs until you stop it with Ctrl+C.

Scheduled Encryption

Set up periodic encryption for automated backups and regular encryption tasks: 

# Encrypt backups every hour
nokvault schedule encrypt ./backups --interval 1h --keyfile ~/.keys/backup.key

# Encrypt daily at midnight (using cron on Linux/macOS)
# Add to crontab: 0 0 * * * nokvault encrypt /path/to/docs --keyfile ~/.keys/master.key

Scheduled encryption is useful for maintaining encrypted backups of important directories.

Key Rotation

Rotate encryption keys without re-encrypting data. This is more efficient than decrypting and re-encrypting: 

# Rotate key for a file
nokvault rotate-key file.nokvault

# Rotate with specific keyfiles
nokvault rotate-key file.nokvault \
  --old-keyfile ~/.keys/old.key \
  --new-keyfile ~/.keys/new.key

Key rotation is recommended periodically for enhanced security, especially if a key might have been compromised.

Secure Deletion

Permanently delete sensitive files by overwriting them multiple times: 

# Secure delete with default passes (3)
nokvault secure-delete sensitive-file.txt

# Secure delete with more passes
nokvault secure-delete sensitive-file.txt --passes 7

Secure deletion makes data recovery extremely difficult. Use this for files containing sensitive information that should be permanently removed.

Batch Operations

Encrypt or decrypt multiple files using shell loops: 

# Encrypt all .txt files in current directory
for file in *.txt; do
  nokvault encrypt "$file" --keyfile ~/.keys/master.key --no-prompt
done

# Decrypt all .nokvault files
for file in *.nokvault; do
  nokvault decrypt "$file" --keyfile ~/.keys/master.key --no-prompt
done

Verbose Output

Get detailed information about operations: 

# Verbose encryption
nokvault encrypt ./documents --verbose

# Shows progress, file counts, and detailed status