Encrypting files and folders with EncFS

Unmaintained?

The EncFS version 1.7.4 available with all the major distributions is now more than three years old. Although no newer versions have been released, maintainer Valient Gough does continuously update the source code of EncFS in the Subversion repository [5]. When asked, Gough confirmed the arrival of a new 1.7.5 version of EncFS soon, but it will only contain minor bugfixes and, particularly for Linux users, introduce hardly noticeable changes.

In the meantime, however, work on the next major version is in full swing. EncFS 2.0 will include many improvements under the hood, such as moving the build system to cmake and introducing unit tests. In the future, it also will be possible to use other security back ends besides OpenSSL.

Additional Software

A number of additional programs related to EncFS simplify the task of managing encrypted directories, thanks to a graphical user interface, or better integrate EncFS into the system. For example, Cryptkeeper [6], which is a system tray applet (Figure 3), provides the main functions of EncFS.

Figure 3: The Cryptkeeper system tray applet helps you manage EncFS volumes.

The simple KDE application KEncFS [7] can integrate and unmount EncFS directories (Figure 4). However, it does not seem to be under active development currently and thus has been missing from the repositories of almost all distributions for some time. If you still want to use the tool, you will need to compile it from the source code.

Figure 4: Although the KEncFS graphical interface does a good job in principle, it has not been under active development for a long time and is only available as source code.

Gnome EncFS Manager [8] is another program with a tray applet for managing EncFS under Gnome (Figure 5).

Figure 5: The Gnome EncFS Manager provides a rich graphical interface for the Gnome desktop.

This tool also attempts to automate typical processes, such as unmounting EncFS directories on logout.

A tool for PAM (Pluggable Authentication Module), called pam-encfs [9], allows you to mount an EncFS directory automatically at login, saving you the bother of entering a password – at the expense of security. The password used to encrypt a directory with EncFS must be the same as the system login password.

A better alternative to pam-encfs exists for Gnome users at least: gnome-encfs [10] stores EncFS passwords in the Gnome keyring and thus (optionally) lets you mount EncFS directories at login.

Future

EncFS is available not only for Linux but for Windows and Mac OS X, too. Thus, it is no trouble to exchange encrypted data across operating system boundaries. You can encrypt, say, your Dropbox folder or a directory on your external hard drive using EncFS and still use it on another platform.

The encfs4win [11] project supports the use of EncFS under Windows. To install the encryption software on Mac OS X, you need the homebrew package manager (brew install encfs). Apple fans also have the option of using EncFSVault [12] to replace the original Apple FileVault.

The Author

Thilo Uttendorfer is the head of the development department at Linux Information Systems AG in Munich. You can reach him on Twitter @Sengaya.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Command Line: Encrypting Partitions

    Modern installers offer the option of encryption with just a few clicks, but you might want to take control of the process. We show how to encrypt your partitions safely without sacrificing convenience.

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

  • Encrypted Filesystems

    If you’re not a security expert and you're looking for a crypto filesystem, you may be wondering about the alternatives. We took at a look at some popular crypto options for Linux.

  • Crypto Tricks Intro

    Today’s computers are fast enough for some very sophisticated cryptography techniques. We’ll show you how to keep your data safe from the prying eyes of snoops and spies.

  • VeraCrypt

    The VeraCrypt encryption software comes with a handy graphical interface, and the ability to hide a container in an encrypted volume adds a unique professional feature: plausibly deniable encryption.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News