Linux

Encfs
#####

Link to check out excellent article: http://www.howtoforge.com/encrypt-your-data-with-encfs-debian-squeeze-ubuntu-11.10

To start the process lets first download the app

# apt-get install encfs

To encrypt a new folder (and then use the same command to mount/decrypt it from there on out):

# encfs <new encrypted empty folder> <new target decrypted empty folder>

Example:
# mkdir /root/.hidden1
# mkdir /root/charly
# encfs /root/.hidden1 /root/charly

Now you can put files in charly, and they will be encrypted into .hidden1 in their own format

NOTE: Never touch .hidden1 contents

To unmount:
cd /
fusermount -u /root/charly

MOVING DATA TO IT THATS ALREADY ON THE SYSTEM: lots of the time when you encrypt a location/drive, you already have the data ready to be put in the server somewhere local on the drive (for example /root/privatedata, note that privatedata is not encrypted). All you have to do is copy the data to /root/charly from /root/privatedata. Then erase the content of /root/privatedata (and the folder). Finally to be extra safe, you will need to do the following:
Completely fill the cleartext filesystem with a file: cat /dev/zero > zero1; rm zero1. This will wipe the former content of the erased files from the drive (By overwriting any freespace with 0s). There will still be traces of names and metadata of erased files in directory entries here and there; the only realistic way to get rid of them would be to burn/explode the drive.

About encrypting for first time
#################################

# encfs /root/.hidden1 /root/charly

Then it asks:
enter “x” for expert configuration mode,
enter “p” for pre-configured paranoia mode

I clicked “p” and set password **************

When encrypting for 1st time make sure the both folders are made and empty

MAINTAINANCE
#############

To change Password:
encfsctl passwd ~/encrypted

Script to mount:
#!/bin/bash
#filename: /sbin/charlymount
encfs /root/.hidden1 /root/charly

Script to unmount:
#!/bin/bash
#filename: /sbin/charlyumount
cd /
fusermount -u /root/charly

 

One thought on “encfs – Encrypted Virtual Filesystem (FUSE)

Leave a Reply

Your email address will not be published. Required fields are marked *