How to use IPFS without providing online access for specific folders and files?

IPFS provides useful caching mechanism. My goal is to use IPFS caching mechanism without providing an online access.

Even I do not share the ipfs-hash of the file with other users, I want to disable probability for other users to access/pull that file I stored on my local IPFS directory, somehow if they find out the ipfs-hash of the file/folder.

=> If I don’t run ipfs daemon would it be a solution? If yes, the problem is for some files I may need to use ipfs daemon to share them with other users or I also may need to pull files from other nodes. The problem rises that when I start running ipfs daemon this will enable access to all the files that is stored on the local ipfs folder.

[Q] So basically I want to use IPFS as a offline caching tool and do not provide outside access for some specific folders that I store in IPFS. Even ipfs daemon was running, could I disable online access for specific files/folders that I decide?

For example, I have multiple folders and I want to store them under local IPFS folder, where who ever has their ipfs-hash will not be get able to pull those files. Even ipfs daemon is running could I force those folders that is stored in local IPFS folder to have no outside access? and provide online access for some other folders.


As a solution, on my machine could I run two different IPFS processes having different local repository. First one is open to outside and can pull from other nodes etc. (running ipfs daemon); but other does not have any access to outside and no-one can access to its files.

If you don’t want to your files to be able to be distributed about different nodes, why do you want to use IPFS at all?

To answer your question: ipfs daemon --offline should do the job.

I want to use IPFS’s caching mechanism to store files and folders for a purpose of a project I am working on. By default I want to store all the files as offline mode. Later, if it is required I want to give access to some specific files distributed to different nodes, while keeping others offline mode.

Your answer ipfs daemon --offline lets all the files remain in offline mode.

=> How could I allow some specific files able to be distributed on different nodes? Is it possible?

I don’t think such a mixed mode is possible atm. I’ve never read or seen something like that.

What if I run one process for ipfs daemon --offline and other ipfs daemon ; each has different ipfs local repository?

is it viable for you to create encrypted files from your project?
you could use VeraCrypt ( or winrar, but less secure ) to make an encrypted vault then add it to IPFS. this way it doesn’t matter if the files are online or if someone could download it. when you want to give someone access, send them the password to the vault file.

It’s doable but if I store the folder as encrypted I cannot use the caching mechanism of ipfs, such as if I change a single file, later encrypt complete folder and store it in ipfs, complete encrypted file will be stored. If I store it without encryption and later update a single file only the changed file’s block will be store which will bring the advantage of caching.

@avatar-lavventura not sure if this is still useful to you, but changing Reprovider.Strategy in config of your go-ipfs node to “pinned” and pinning data that you want to announce to the public may be relevant to your use case:

Reprovider

  • Interval
    Sets the time between rounds of reproviding local content to the routing
    system. If unset, it defaults to 12 hours. If set to the value "0" it will
    > disable content reproviding.

Note: disabling content reproviding will result in other nodes on the network
not being able to discover that you have the objects that you have. If you want
to have this disabled and keep the network aware of what you have, you must
manually announce your content periodically.

  • Strategy
    Tells reprovider what should be announced. Valid strategies are:
    • “all” (default) - announce all stored data
    • "pinned" - only announce pinned data
    • “roots” - only announce directly pinned keys and root keys of recursive pins
2 Likes