Encrypting files and folders with EncFS

Unmaintained?

The EncFS version 1.7.4 available with all the major distributions is now more than three years old. Although no newer versions have been released, maintainer Valient Gough does continuously update the source code of EncFS in the Subversion repository [5]. When asked, Gough confirmed the arrival of a new 1.7.5 version of EncFS soon, but it will only contain minor bugfixes and, particularly for Linux users, introduce hardly noticeable changes.

In the meantime, however, work on the next major version is in full swing. EncFS 2.0 will include many improvements under the hood, such as moving the build system to cmake and introducing unit tests. In the future, it also will be possible to use other security back ends besides OpenSSL.

Additional Software

A number of additional programs related to EncFS simplify the task of managing encrypted directories, thanks to a graphical user interface, or better integrate EncFS into the system. For example, Cryptkeeper [6], which is a system tray applet (Figure 3), provides the main functions of EncFS.

Figure 3: The Cryptkeeper system tray applet helps you manage EncFS volumes.

The simple KDE application KEncFS [7] can integrate and unmount EncFS directories (Figure 4). However, it does not seem to be under active development currently and thus has been missing from the repositories of almost all distributions for some time. If you still want to use the tool, you will need to compile it from the source code.

Figure 4: Although the KEncFS graphical interface does a good job in principle, it has not been under active development for a long time and is only available as source code.

Gnome EncFS Manager [8] is another program with a tray applet for managing EncFS under Gnome (Figure 5).

Figure 5: The Gnome EncFS Manager provides a rich graphical interface for the Gnome desktop.

This tool also attempts to automate typical processes, such as unmounting EncFS directories on logout.

A tool for PAM (Pluggable Authentication Module), called pam-encfs [9], allows you to mount an EncFS directory automatically at login, saving you the bother of entering a password – at the expense of security. The password used to encrypt a directory with EncFS must be the same as the system login password.

A better alternative to pam-encfs exists for Gnome users at least: gnome-encfs [10] stores EncFS passwords in the Gnome keyring and thus (optionally) lets you mount EncFS directories at login.

Future

EncFS is available not only for Linux but for Windows and Mac OS X, too. Thus, it is no trouble to exchange encrypted data across operating system boundaries. You can encrypt, say, your Dropbox folder or a directory on your external hard drive using EncFS and still use it on another platform.

The encfs4win [11] project supports the use of EncFS under Windows. To install the encryption software on Mac OS X, you need the homebrew package manager (brew install encfs). Apple fans also have the option of using EncFSVault [12] to replace the original Apple FileVault.

The Author

Thilo Uttendorfer is the head of the development department at Linux Information Systems AG in Munich. You can reach him on Twitter @Sengaya.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Simple Security

    EncFS is an easy and effective CLI application for encrypting files that also allows for customization.

  • Command Line: Encrypting Partitions

    Modern installers offer the option of encryption with just a few clicks, but you might want to take control of the process. We show how to encrypt your partitions safely without sacrificing convenience.

  • SiriKali

    SiriKali encrypts files and directories with just a few mouse clicks, without the inefficiency of fixed-size containers.

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

  • Disk Encryption

    Encrypted volumes have long since ceased to be an exception or luxury. Corporate policies and compliance rules often demand encryption for critical data. This article looks at tools for disk encryption on Linux.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News