SEARCH

How-To Geek

How to Encrypt Cloud Storage on Linux and Windows with EncFS

image

Do you store sensitive files on Dropbox or another cloud storage service? Encrypt them with EncFS for Linux, an encrypting file system that transparently encrypts and decrypts each individual file with your encryption key. There’s also an experimental Windows build.

EncFS works differently from a TrueCrypt container, which stores your encrypted files in a single large file. Instead, EncFS creates separate files for each file you add. It works better with cloud storage services that would re-upload the entire TrueCrypt container each time it’s changed.

EncFS Setup on Linux

Run the following command to install EncFS on Ubuntu:

sudo apt-get install encfs

On other distributions of Linux, look for the EncFS package in your package manager and install it.

image

Run the following command to create a new EncFS encrypted volume:

encfs ~/Dropbox/encrypted ~/Private

This creates two directories. The directory at Dropbox/encrypted in your home folder is where the encrypted versions of your files will be saved – they’re in the Dropbox folder, so Dropbox will sync them. The Private folder in your home folder is where the decrypted versions of your files will be accessible. You can specify any location you prefer for either.

You’ll be asked several questions after running this commands. The default paranoia mode (type p when prompted) should work well, but you can also type x for expert configuration mode.

image

EncFS will prompt you to create a password for your encrypted volume. Remember this password – if you forget it, you won’t be able to access your files.

image

Using EncFS on Linux

Place files in the Private folder you created earlier. This is also where you can access the decrypted versions of your files.

image

Encrypted versions of the files will be stored in your /Dropbox/encrypted folder. Dropbox will synchronize them across your computers – no one can access their contents without your password. You can mount the EncFS directory on multiple computers (use the same encfs command) to use your encrypted files on each.

image

Very Important Information:

  • Do not place files in your /Dropbox/encrypted folder – ignore this folder. Place files in the Private folder instead. If you place files directly in the /Dropbox/encrypted folder, they won’t be encrypted.
  • Do not delete or lose the .encfs.xml file (it’s hidden by default – press Ctrl+H in Nautilus to view hidden files). You should probably create a backup of this file – if you lose it, you’ll also lose access to your encrypted files.

image

Remounting the File System

EncFS won’t automatically mount itself after you restart your system – if you log out and log back in, you won’t be able to access your files without running the EncFS command. This provides good security – no one can access or view your encrypted files until you run the command.

If your Private folder appears empty, your EncFS file system isn’t mounted.

image

Just re-run the same command you ran earlier to remount your EncFS file system. For example, we’d run the following command:

encfs ~/Dropbox/encrypted ~/Private

You’ll have to provide your password.

image

If you want your EncFS file system automatically mounted each time you log in, you can use gnome-encfs. gnome-encfs adds your EncFS password to your GNOME keyring and automatically mounts it each time you log in.

EncFS on Windows

Use encfs4win to access EncFS file systems on Windows. To use encfs4win, you’ll also have to install version 0.6 of the Dokan library.

You can launch encfsw.exe and use the graphical program to mount or create EncFS file systems.

image


There’s also an Android app, named Cryptonite, for accessing EncFS file systems on your Android phone or tablet. BoxCryptor, which we’ve covered before, uses EncFS as its backend.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 08/15/12

Comments (10)

  1. cam2644

    Useful info for commercial users but probably not worth the hassle for the average home user.

  2. franhirs

    Thanks. This seems to be an alternative to Boxcryptor. When using encryption, it should always be done on the user side with programs like these. The file or volume travels through the pipes already encrypted, and the key or passphrase is never in hands of third parties (server side encryption). In this way you comply with the TNO principle = Trust No One :-).

  3. geeknik

    I just use Boxcryptor myself.. Seems reliable enough for the few things I use it for..

  4. Michael Rush

    Great post. Read the history of encryption on wikipedia.
    http://en.wikipedia.org/wiki/Cryptography

  5. nooby

    Nice tut, how wud u implement this using a cron job, hav a script that backs up mu data and uploads to dropbox folder

  6. snap

    what about win8, any support there?

  7. alvasrawuther

    Windows has a graphical interface for Encfs, but why not for linux? Maybe that is why linux is still considered a geek’s OS.

    Anyway, thanks for the great tip. It might be of some use to me some time. :)

  8. Guillaume

    I use boxcryptor, easy to set up and cross platform. (please edit if my link is not appropriate) http://www.limeapp.com/en/offre-du-jour/144-boxcryptor-protect-your-files-dropbox-google-drive-sd-card.html

  9. OG

    CryptKeeper is a great GUI for Encfs in linux. Available in the Ubuntu repo or from the web.

  10. Fernando

    Hello,

    I have a question, I can configure a Linux computer (encfs) and a Windows computer (encfsw.exe) to share information between each of them through the cloud (Dropbox)? Is it possible?

    Thank you.

Enter Your Email Here to Get Access for Free:

Go check your email!