Manjaro Encfs

Encfs

From Manjaro
Revision as of 05:58, 9 June 2014 by imported>Viking60 (→‎Regular use)

Introduction

Encfs is an encryption program that is suitable for encrypting content on an already installed system. It can be used for encrypting your /home or you can make smaller private directories that can hold your encrypted data. You can encrypt Dropbox with it and that has the advantage over Truecrypt that is does not require reserved valuable space that Truecrypt does (as of 05 2014 Truecrypt is considered unsafe]).

Encfs does not reserve a space on your HD and simply grows and shrinks with the files you put in there.

The one thing that can seem a bit confusing about it is that you need to make two directories (folders) to make it work: one encrypted and one un-encrypted.

Why would we need an un-encrypted folder that contains the data we want to encrypt; is that not the mother of all security flaws?

The entire point with encryption is that the encrypted data should not be accessible in an un-encrypted form; right?

The way Encfs works is that the un-encrypted directory is the mount point for the encrypted content.

If you do not mount it nothing will be visible. And to mount it; you need to enter a given password.

Installing

Encfs is in the community repo so you can simply install it with

sudo pacman -S encfs 

or use Pamac or Octopi.


Using it - encrypting

We want to make a directory that we would call

.secret

to keep our encrypted stuff, and we would make the mount point

secret

To achieve this, we run the following command in a terminal:

encfs ~/.secret ~/secret

You may also create the directories ~/.secret and ~/secret manually.

First time run

This will create the hidden directory .secret and the mount point secret the first time you run it. Just answer yes to the prompts - twice. You need to use the full path. During first time run you will also be prompted for the encryption mode; x for expert or p for paranoia mode. We will pick p which is a good mode.

Next you will be prompted for your password. Make it long and hard to crack but don't forget it - if you do; there is no way of recovering your data.


Tip
use sentences and slang like; Ain'tToHappyBoutNSATheseDays062014

Confirm the password and that's it you are finished.

File:Encfs4.png

Regular use

We have created the directory ~/.secret that will contain the encrypted data and we have made it a hidden directory because we will never enter anything in it and the content will all be unreadable.

The content of ~/.secret will only be readable when mounted in the other directory we created: ~/secret The only difference between the two is the "." ~/secret will be the working directory where you put the files you want encrypted. To mount the directory we enter the command:

encfs ~/.secret ~/secret

You may call your directories something completely different than .secret and secret; it is up to you. Enter the password and start entering content into ~/secret.

We never enter data into ~/.secret - that is why we have hidden it with a "."

To unmount ~/secret we enter the command:

fusermount -u ~/secret

If you check the content of ~/secret now; it will be completely empty. In order to see the content again you need to mount again with

 encfs ~/.secret ~/secret

and enter the password.

Cookies help us deliver our services. By using our services, you agree to our use of cookies.