HOWTO: Encrypted directory with EncFS
This guide describes how to create encrypted directories. These can come in handy for laptop users, password lists and the like.
1. Install the software
Code:
sudo apt-get install encfs fuse-utils
sudo modprobe fuse
And since we don't want to modprobe each time we reboot, add "fuse" to /etc/modules (without quotes, on a line of its own)
2. Add yourself to the fuse group
The installer creates a fuse group and to use fusermount you need to be in this group. You can do this with your favourite GUI admin tool or command line:
Code:
sudo adduser <your username> fuse
3. Create a directory where your encrypted stuff will be stored
I put mine in my home dir, but you can put it anywhere you like.
4. Create a mountpoint
This is the directory where you will mount the encrypted directory. Through this path you can access the encrypted files.
5. Create the encrypted system and mount it
The first time you try to mount the directory, encfs will create the encrypted filesystem. It works like the regular mount:
Code:
encfs <folder to mount> <mount point>
So for this example:
Code:
encfs /home/<your username>/encrypted /home/<your username>/temp_encr
Note that encfs wants absolute paths, i.e. starting with a /
6. Do the work
Put some files in your ~/temp_encr folder and look in the ~/encrypted one: they will show up there, encrypted.
7. Unmount the encrypted filesystem
Unmounting is as easy as
Code:
fusermount -u /home/<your username>/temp_encr
8. Goto step 5
Repeat! EncFS will only create the filesystem once, after that first time it will ask for a password and mount your directory.
Remember to keep the two directories apart: in this example the "encrypted" folder holds your encrypted data and should not be used directly. The gateway to access this data is "temp_encr" or whatever you want to call it.
Sites used:
http://arg0.net/wiki/encfs - the main EncFS site
how-to-mount-a-remote-ssh-filesystem-using-sshfs
Re: HOWTO: Encrypted directory with EncFS
Several observations:
- You need load the kernel module permanently, if you don't want to use modprobe every time. That's easy to fix:
Code:
sudo <your_editor> /etc/modules
Add fuse to the list and you're done.
- The system won't recognize you as a memeber of the fuse group until you reboot.
- While encfs wants absolute paths, you can let the shell do the expansion for you:
Code:
encfs ~/.my_hidden_encrypted_dir ~/my_visible_unencrypted_dir
fusermount -u ~/my_visible_unencrypted_dir
Re: HOWTO: Encrypted directory with EncFS
Thanks, I forgot to add that about the modprobe.
Re: HOWTO: Encrypted directory with EncFS
Good howto, this is just what i've been looking for for some time. Works great!
Re: HOWTO: Encrypted directory with EncFS
I can not get this to work on on dapper. Has anyone gotten it to work on Dapper yet?
Re: HOWTO: Encrypted directory with EncFS
Quote:
Originally Posted by jgrantham
I can not get this to work on on dapper. Has anyone gotten it to work on Dapper yet?
Since late January this year. Did you take note of my observations to the how-to?
Re: HOWTO: Encrypted directory with EncFS
Wow, amazing! Thank you very much, this is something that I've (too) looked for some time. Yea, I wanted to encrypt a directory and not the whole fs. This is just what I've needed.. thanks! :-)
Re: HOWTO: Encrypted directory with EncFS
Quote:
Originally Posted by remmelt
This guide describes how to create encrypted directories. These can come in handy for laptop users, password lists and the like.
1. Install the software
Code:
sudo apt-get install encfs fuse-utils
sudo modprobe fuse
And since we don't want to modprobe each time we reboot, add "fuse" to /etc/modules (without quotes, on a line of its own)
2. Add yourself to the fuse group
The installer creates a fuse group and to use fusermount you need to be in this group. You can do this with your favourite GUI admin tool or command line:
Code:
sudo adduser <your username> fuse
Remember to keep the two directories apart: in this example the "encrypted" folder holds your encrypted data and should not be used directly. The gateway to access this data is "temp_encr" or whatever you want to call it.
Sites used:
http://arg0.net/wiki/encfs - the main EncFS site
how-to-mount-a-remote-ssh-filesystem-using-sshfs
Thank's a lot for this.I built up amd64 packages of the newest versons and it works very fine.
This were on a Ubuntu 6.06 LTS - Dapper Drake system.
It seems like fuse don't create any new group now.Did not add myself to anything.
But thanks for the info,and if anyone want the newest amd64 debs just send me a mail.
Re: HOWTO: Encrypted directory with EncFS
Hey thanks for that.
Now for KDE users who dont want to keep going into a terminal to mount their encrypted folder, I found this page on the Gentoo wiki -
http://gentoo-wiki.com/TIP_EncFS#Usi...DE_.26_Kdialog
To make it work in Kubuntu you need to change the references of "/usr/kde/3.4/bin/kdialog" to "/usr/bin/kdialog" - but then it works like a charm.
My menu entry looks like:
./mountsafe.sh /full/path/to/encrypted/.store /full/path/to/revealed/store - run as root, with a work path of ~
Hope it's helpful.
Re: HOWTO: Encrypted directory with EncFS
Quote:
Originally Posted by hippyjim
Hey thanks for that.
Now for KDE users who dont want to keep going into a terminal to mount their encrypted folder, I found this page on the Gentoo wiki -
http://gentoo-wiki.com/TIP_EncFS#Usi...DE_.26_Kdialog
To make it work in Kubuntu you need to change the references of "/usr/kde/3.4/bin/kdialog" to "/usr/bin/kdialog" - but then it works like a charm.
My menu entry looks like:
./mountsafe.sh /full/path/to/encrypted/.store /full/path/to/revealed/store - run as root, with a work path of ~
Hope it's helpful.
Works great. Thanks!
