Encryption of directories using fuse and encfs Mini Howto
for linux. (I am using ubuntu 7.10 and kde)
Back to Main Page
This i a very short version, and if you want to know more, go to the Internet etc.
This howto is without any guarantee, and you may use it on your own responsibility only.
There may be errors, but I do not want to use too much time to write this howto.
My idea is to make documentation, so you can at the least start using the program.
I (67 years old) have abstracted what I find most important, from lots and lots of documentation.
To check specific words, you may use: http://en.wikipedia.org/wiki/Main_Page (search) and almost anything else http://www.google.com
It's most convenient to print this howto out, to use it by your side !
Index of page:
To install the encfs program and create an encrypted directory
To open a konsole
To mount the directory to work with your encfs data
To stop working with your data
If you want your encrypted directory to be automatically unmounted at shut down time
If
you have sensitive data like text files, images, videos etc. you can
use Fuse and encfs to encrypt your data in a very easy and efficient
way - if you loose your
passphrase, your data is lost forever - so please keep a copy of your password/passphrase in a safe and secret place.
To
make the password/passphrase as safe as possible it should consist of a
mixture of at least 20 characters/numbers/capital/small/letters/signs -
do not use
words from dictionaries, name of your pet or family
names - best to use some personal secret rhyme from your childhood
which nobody know etc.
When you are finished with working with
your sensitive data always remember to "close" the encrypted data
(unmounting the encryption directory:
"fusermount -u ~/encrypted").
You
may encrypt as much data as you have space on your harddisk/partition,
and you can create as many subdirectories in the encrypted directory as
you like.
You may have several individual encrypted directories
with each one its own passphrase.
To Index of page
In order to install the encfs program and create an encrypted directory by the name "encrypted" in your home directory run the following commands in
a bash konsole - you may copy and paste the lines using the mouse cursor directly from this minihowto into your konsole.
I will give a short explanation preceeded with a # after each command.
To open a konsole choose "K-menu" (lower left corner of your kde desktop) - "System" - "Konsole - Terminal Program".
sudo apt-get install fuse-utils encfs
#Installs the "fuse-utils" and "encfs" packages
groups
#If you do not see the name "fuse" run the following command:
sudo adduser "your_user_name" fuse (withouth the double quotation marks)
#Adds the "fuse" group to your "your_user_name"
sudo modprobe fuse
#Loads the fuse module into the linux kernel
mkdir ~/.encrypted
#Creates a directory called ".encrypted" in your home directory.
#This directory will contain all the encrypted data
To Index of page
#It
will also contain a file called ".encfs5" which
contains information about your encrypted data in cleartext - if
you move this file onto e.g. a usb stick you have
#an extra safety, but you must remember to move it back, to be able to continue working with your encrypted data.
mkdir ~/encrypted
#Creates
a directory called "encrypted" in your home directory - this directory
is where you do all your work with your encrypted data.
#When
you "close" this directory (to close/unmount the directory run
"fusermount -u ~/encrypted") you will see no data whatsoever in the
"encrypted" directory,
#which means all your data is encrypted.
#You will only see the data in an encrypted form in the "~/.encrypted" directory.
encfs ~/.encrypted ~/encrypted
#Creates the two main encryption directories for the encfs encryption system, and later mounts the directories each time you are going to work with them.
#When
you run the command for the first time it will create the encfs
encryption system, and you are asked a question - just press
"enter".
#Then you are asked for your password - here
insert your secret password/passphrase 2 times and remember it and
keep it in a safe place.
#If
you see an error message containing something like "Permission denied"
you will have to shut down the computer and restart it again.
#The directory of the name
"encrypted" is the place where you will work with your data in
clear text in the future (insert files and subdirectories and use your
#data
etc - just work with your data as you would with normal data but
all the data is automatically encrypted in the background in the
directory of the name
#".encrypted" at the same
time.
To Index of page
#The two above directory names could be any other names of your choice
(e.g. ".enc" and "clear" or ".coded" and "unencoded" etc.)
#If
you look in the directory of the name ".encrypted" you
will only see encrypted directories and files (and the "encfs5")
and will look something like below:
To stop working with your data (and encrypt everything) run:
fusermount -u ~/encrypted
#"Closes"
(unmount) the directory of the name "encrypted" and all contents
disappear, meaning it is all encrypted and placed in the directory of
the name
#".encrypted" .
To Index of page
If you want your encrypted directory to be automatically unmounted when you shut down your computer do the following:
Create a small script in the "/etc/init.d" directory of the name "encfs_of.sh":
sudo kate /etc/init.d/encfs_of.sh
#Creates and opens the empty script "encfs_of.sh" in the "kate" text editor
Insert the following lines in the script:
#!/bin/bash -x
#Script to unmount the encfs directory at shutdown time to make your data safe
fusermount -u ~/encrypted
#Save the script and make it executable:
sudo chmod -x /etc/init.d/encfs_of.sh
#Make a link in the "/etc/rc0.d" directory by the name "K91encfs_of.sh" to the above script by running the following command:
sudo ln -s /etc/init.d/incfs_of.sh /etc/rc0.d/K91encfs_of.sh
Some
links in random order:
To Index of page
http://www.debuntu.org/2006/06/04/62-how-to-use-encrypted-directories-with-encfs-and-fuse
http://en.wikipedia.org/wiki/Fuse
http://en.wikipedia.org/wiki/Filesystem_in_Userspace
http://en.wikipedia.org/wiki/EncFS
http://ubuntuforums.org/showthread.php?t=148600
http://www.arg0.net/encfs
http://sourceforge.net/mail/?group_id=97461
1/2008