How to encrypt directory / folder in Linux using Encfs – Ubuntu 16.04

EncFS creates a virtual encrypted filesystem which stores encrypted data in the rootdir directory and
makes the unencrypted data visible at the mountPoint directory. The user must supply a password which is
used to (indirectly) encrypt both filenames and file contents.

 $ sudo apt install encfs 
 $ mkdir encfs 
 $ cd encfs 
 $ mkdir encrypted-rootdir 
 $ mkdir unencrypted-mountPoint 
 $ encfs $PWD/encrypted-rootdir/ $PWD/unencrypted-mountPoint/ 

Creating new encrypted volume.
Please choose from one of the following options:
enter “x” for expert configuration mode,
enter “p” for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?> [just Enter Here when Asked]

Standard configuration selected.

Configuration finished. The filesystem to be created has
the following properties:
Filesystem cipher: “ssl/aes”, version 3:0:2
Filename encoding: “nameio/block”, version 4:0:2
Key Size: 192 bits
Block Size: 1024 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File holes passed through to ciphertext.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.

READ  Changing hostname in ubuntu

New Encfs Password: [just Enter Password Here when Asked]
Verify Encfs Password: [just Enter Password Here when Asked]

 $ mount | grep encfs
encfs on /home/myuser/encfs/unencrypted-mountPoint type fuse.encfs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000) 
 $ cd unencrypted-mountPoint/ 
 $ echo "this is file inside unencrypted folder" > test_file.txt 
 $ ls -l
total 4
-rw-rw-r-- 1 myuser myuser 39 Apr 26 01:34 test_file.txt
 $ cd ../ 

Now, lets check with tree command, which all files got created,

 $ tree
.
├── encrypted-rootdir
│   └── ALDdfi3Jwpp,cqqSri2XaX,G
└── unencrypted-mountPoint └── test_file.txt
2 directories, 2 files

As we can see, as soon as we create a test file in unencrypted folder, an equivalent encrypted file gets created in encrypted folder ( as we can see with name ALDdfi3Jwpp,cqqSri2XaX,G )

Now, lets say we are done with creating files which we want to encrypt in a folder, then we need to unmount the mounted folder as,

 $ fusermount -u $PWD/unencrypted-mountPoint/ 
 $ tree
.
├── encrypted-rootdir
│   └── ALDdfi3Jwpp,cqqSri2XaX,G
└── unencrypted-mountPoint
2 directories, 1 file 

Now, lets check back this files, by mounting the encrypted folder as,

$ encfs $PWD/encrypted-rootdir/ $PWD/unencrypted-mountPoint/
EncFS Password: 

Enter your remembered password here once asked.

$ tree
.
├── encrypted-rootdir
│   └── ALDdfi3Jwpp,cqqSri2XaX,G
└── unencrypted-mountPoint └── test_file.txt
2 directories, 2 files 

Leave a Reply

Your email address will not be published. Required fields are marked *