Do you store sensitive files on Dropbox or another cloud storage service? Encrypt them with EncFS for Linux, an encrypting file system that transparently encrypts and decrypts each individual file with your encryption key. There’s also an experimental Windows build.
EncFS works differently from a TrueCrypt container, which stores your encrypted files in a single large file. Instead, EncFS creates separate files for each file you add. It works better with cloud storage services that would re-upload the entire TrueCrypt container each time it’s changed.
EncFS Setup on Linux
Run the following command to install EncFS on Ubuntu:
sudo apt-get install encfs
On other distributions of Linux, look for the EncFS package in your package manager and install it.
Run the following command to create a new EncFS encrypted volume:
encfs ~/Dropbox/encrypted ~/Private
This creates two directories. The directory at Dropbox/encrypted in your home folder is where the encrypted versions of your files will be saved – they’re in the Dropbox folder, so Dropbox will sync them. The Private folder in your home folder is where the decrypted versions of your files will be accessible. You can specify any location you prefer for either.
You’ll be asked several questions after running this commands. The default paranoia mode (type p when prompted) should work well, but you can also type x for expert configuration mode.
EncFS will prompt you to create a password for your encrypted volume. Remember this password – if you forget it, you won’t be able to access your files.
Using EncFS on Linux
Place files in the Private folder you created earlier. This is also where you can access the decrypted versions of your files.
Encrypted versions of the files will be stored in your /Dropbox/encrypted folder. Dropbox will synchronize them across your computers – no one can access their contents without your password. You can mount the EncFS directory on multiple computers (use the same encfs command) to use your encrypted files on each.
Very Important Information:
- Do not place files in your /Dropbox/encrypted folder – ignore this folder. Place files in the Private folder instead. If you place files directly in the /Dropbox/encrypted folder, they won’t be encrypted.
- Do not delete or lose the .encfs.xml file (it’s hidden by default – press Ctrl+H in Nautilus to view hidden files). You should probably create a backup of this file – if you lose it, you’ll also lose access to your encrypted files.
Remounting the File System
EncFS won’t automatically mount itself after you restart your system – if you log out and log back in, you won’t be able to access your files without running the EncFS command. This provides good security – no one can access or view your encrypted files until you run the command.
If your Private folder appears empty, your EncFS file system isn’t mounted.
Just re-run the same command you ran earlier to remount your EncFS file system. For example, we’d run the following command:
encfs ~/Dropbox/encrypted ~/Private
You’ll have to provide your password.
If you want your EncFS file system automatically mounted each time you log in, you can use gnome-encfs. gnome-encfs adds your EncFS password to your GNOME keyring and automatically mounts it each time you log in.
EncFS on Windows
You can launch encfsw.exe and use the graphical program to mount or create EncFS file systems.
Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.
- Published 08/15/12