(on Wikipedia)
https://github.com/vgough/encfs
was https://www.arg0.net/encfs
EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library module to provide the filesystem interface.
2016-12-28 - I have no memory of using this. Boy will it be awkward if I come across stuff encrypted with it.
Abandoned
- EncFS reviews
- EncFS troubleshooting
-
rlog, created by the EncFS author, is a dependency.
--
- https://sourceforge.net/projects/encfs/lists/encfs-users
-
K-EncFS is a GUI tool.
Notes ∞
- Can set the encryption type on filesystem creation.
- MAC checksums help avoid any possibility of an application loading up modified data.
Related reading ∞
- https://web.archive.org/web/20100611133404/http://wiki.boum.org:80/TechStdOut/EncryptedBackupsForParanoiacs
-
https://web.archive.org/web/20100727194954/http://wiki.boum.org:80/TechStdOut/LinuxCryptoFS
-
"stealth" encrypted home directory filesystem using encfs on GNU/Linux -- Simple stuff.
Usage ∞
Tested 2006-09-03 with EncFS 1.23 on
Note that only the user who mounted the directory can use it. Not even root can look inside!
- Creation or Mounting:
mkdir ~/.crypt-raw mkdir ~/crypt # encfs ./encrypted-dir /mount-point encfs ~/.crypt-raw ~/crypt # (fill out your preferences) cd ~/crypt echo "this is stored in an encrypted file" > foo echo "Everything is good here:" ls cd ~/.crypt-raw echo "Everything is encrypted here:" ls
- Unmounting:
# fusermount -u ~/mount-point fusermount -u ~/crypt echo "Not mounted anymore:" ls ~/crypt echo "Still encrypted:" ls ~/.crypt-raw
- Deleting temporary directories:
fusermount -u ~/crypt rm -rf ~/.crypt-raw rm -rf ~/crypt
Automatic mounting with a shell script ∞
Davide Canova d.canova at tiscali.it
writes:
I use /home/encfs/$USER/.rootdir
as rootdir so I can save unencrypted data in /home/encfs/$USER
if I need. Here is my script (very basic):
#!/bin/sh if [ -d /home/encfs/$USER/.rootdir ]; then # if rootdir exists if ! mount | grep -q $HOME; then # if nothing mounted in $HOME cd /home/encfs/$USER # get out of the mount point until echo "$answer" | grep -iqx "no\?"; do answer="n" if ! encfs /home/encfs/$USER/.rootdir $HOME; then read -ep "Retry (Y/n)? " answer fi done cd fi # X authority file must be outside of the EncFS volume # until FUSE get lock operations support export XAUTHORITY="/home/encfs/$USER/.Xauthority" fi
Automatic mounting with PAM ∞
PAM integration allows encfs to be mounted when a user logs in (using the login password)
Renaming .encfs5
∞
Valient Gough said on the mailing list:
You'd have to modify the source code and recompile it.
Look in the file encfs/FileUtils.cpp around line 87 (or search for ConfigFileMapping
). There is a list of filenames which are mapped to different config file support code. You can add your own by editing the .encfs5
line. I recommend you have the filename start with a dot (.
), although it should work without it as well..
Unencrypting a single file without mounting everything ∞
If your crypt directory contained "foo" as the unencrypted filename, you could do:
encfsctl cat .enc foo
Last updated 2021-10-30 at 03:05:53