File encryption with EncFS
Command Line – EncFS
EncFS is an easy and effective CLI application for encrypting files that also allows for customization.
Linux has no shortage of solutions for file encryption. First released in 2001, EncFS [1] is one of the oldest solutions but remains one of the easiest to set up and use. It uses two directories: an unencrypted directory for dropping files into, and an encrypted directory that automatically receives encrypted copies of those files. Any further manipulation of the setup or files is done with the encfsctl utility [2]. However, some insecure copies of EncFS are still in use, so be careful to get 1.9.5, the latest version, which fixes the vulnerabilities of earlier versions.
EncFS has several other advantages besides its ease of use. One is that because EncFS runs in userspace, using the FUSE libraries [3], ordinary users, not just root, can create its virtual filesystem. Additionally, running in userspace means that an encrypted volume can be administered by existing utilities such as Rsync and fsck. Similarly, standard backup utilities can back up only the EncFS-associated files that have changed.
EncFS can use both removable drives and cloud storage (see below). The volume key that is usually stored in the same directory as the encrypted data can be password protected and stored elsewhere, including on a removable drive or in the cloud for added security. Also, encrypted directories do not have any fixed size, growing as files are added or deleted instead of requiring a fixed space to be allocated. All these features add up to a CLI application that is almost as easy to use as a graphical interface.
Setting up EncFS
EncFS is available in most major distributions. To set it up, make sure that the FUSE package is installed, and then set up EncFS with the following command:
encfs ~/ENCRYPTED-DIRECTORY ~/UNENCRYPTED-DIRECTORY
If the directories named do not exist, EncFS automatically creates them. However, if you prefer, you can create the directories before running EncFS using mkdir -p. The -p option creates any necessary parent directory as well as the one required. Although security by obscurity should not be relied upon, you can hide the encrypted directory by adding a period at the start of its name, concealing it from the defaults of most basic commands.
If you want to use EncFS in cloud storage, make the encrypted directory a subfolder of the directory associated with your cloud account. For example, if you are using Dropbox, the subfolder might be ~/Dropbox/encrypted. The next time you sync your local and cloud directories, the encrypted directory is automatically uploaded to the cloud storage.
No matter where the required directories are located, the first time you run EncFS, you are prompted to set up the encryption (Figure 1). The default standard, or paranoia mode, provides a moderately high level of protection, and can be used automatically by adding the option --standard to the basic command. By contrast, the expert mode must always be specifically chosen. Expert mode prompts users with a series of questions to set the level of encryption. The man page explains each of the settings, but the most important difference is the key size (Table 1). Setup for both modes ends with choosing a password for accessing the encrypted directory via EncFS.
Table 1: Encryption Modes

| | Standard or Paranoia Mode | Expert Mode |
|---|---|---|
| Cipher | AES | AES |
| Key Size | 192 bits, PBKDF2 with 1/2 second runtime, 160 bit salt | 256 bits, PBKDF2 with 3 second runtime, 160 bit salt (maximum) |
| Filesystem Block Size | 1024 bytes | 1024 bytes |
| Filename Encoding | Block encoding with IV chaining, unique initialization vector file headers | Block encoding with IV chaining, unique initialization vector file headers, message authentication code (MAC) block headers, external IV chaining |
Although the man page recommends that most users choose the paranoia mode, users might prefer to use the expert mode simply to have a larger key, accepting the default for any of the other settings about which they are uncertain. Note, however, that in the past some cloud storage sites have had trouble with EncFS in expert mode. If that happens, delete the existing directories and try setting up in paranoia mode.
To check that EncFS is running, look for entries in the output of mount or temporary entries when running df -h. More simply, add a file to the unencrypted directory and then check that a file appears in the encrypted directory. If problems persist, try running the command with the verbose option (-v), which gives copious details for debugging (Figure 2).
Running and Administrating EncFS
To mount existing EncFS directories for use, repeat the command used to create them:
encfs ~/ENCRYPTED-DIRECTORY ~/UNENCRYPTED-DIRECTORY
At this point, you will be prompted for the password.
For most users, no additional options are likely required. However, EncFS does have a small set of options, which are described thoroughly in the man page. Most of these options set the details of how the command is run, such as -f, which runs EncFS in the foreground instead of the default background, or -s, which runs EncFS in a single thread, instead of the default multiple threads. These options are useful on older or smaller systems. But on modern systems, these options are unlikely to be needed except when other intensive programs are running at the same time as EncFS.
Still, there are several options that might be useful in specific circumstances. For instance, some users may choose to add --idle=MINUTES to unmount the encrypted directory automatically after a period of inactivity.
Users who want to share the encrypted directory – which should only be done cautiously – might use the option --public. And when searching the encrypted directory, --reverse can be used to display an encrypted file in plain text.
When not using EncFS, you can shut it down with the command
fusermount -u ~/UNENCRYPTED-DIRECTORY
However, many administrative tasks can be done using encfsctl. encfsctl is a utility that is generally packaged with EncFS, but it is easy to overlook. In fact, a search for how-tos on EncFS suggests that many are unaware of it altogether. And, admittedly, other standard commands are often convenient ways to administer EncFS.
Still, encfsctl is worth learning. For example, the info sub-command displays basic information about EncFS's encrypted directory. If you suspect that the applications used to create a file may have made them unencryptable for one reason or another, you can confirm your suspicions with the sub-command showcruft. At times, too, it may be useful to use decode to show the name of an encrypted file and display its unencrypted version, or, conversely, to use encode to show the name of an unencrypted file and show its encrypted version. As the man page notes, both decode and encode can be useful for such operations as deciding which files to include or exclude during a backup.
Probably the most useful of encfsctl's sub-commands is passwd (Figure 3). After all, security of any password is generally thought to increase when it is changed regularly. If that is true (and some would disagree), passwords used to view encrypted files should be no exception.
Caveats and Shortcomings
For most users, EncFS is a simple and reliable encryption tool. In some cases, though, it does have limitations that might reduce security.
A possible concern is that anyone who can read the encrypted directory can view the file attributes. This information – especially the time the file was created and the last time the file was saved – could be enough to guess the content of the file. To avoid this possibility, change the permissions so that the encrypted files can only be read or written to by you.
Another shortcoming is that, in paranoia mode, EncFS only supports file names of 190 bits. By contrast, most filesystems support names of 256 bits. This difference means that very long file names may be truncated. Truncation is especially likely with long file names because encrypted names are generally longer than the unencrypted ones, so the act of encryption can accidentally take the file name over the limit. For this reason, if you use extremely long file names, you should set up EncFS in expert mode.
More seriously still, some versions of EncFS are believed to have unpatched vulnerabilities. Most obviously, according to a 2014 report from Taylor Hornby of Defuse Security, the version in Debian Stable might be vulnerable to timing analysis, as well as attacks that lower the default encryption level without informing the user. The Debian Project took these possibilities seriously enough to add a warning to the package that displays when installed. Version 1.8 is thought to have corrected some of these vulnerabilities, but not all. To be as safe as possible, users should use only version 1.9.5 or later, using only expert mode.
Happily, these problems can be sidestepped. The problem is, many users are likely to download EncFS directly from their distribution's repositories – and not every distribution is as conscientious as Debian about informing users. With a little research, EncFS can serve users safely. Yet without that research, it can potentially give users a false sense of security. If you are especially concerned about security, you might even consider waiting for the 2.0 release that is rumored to be in development.
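The three checks the article asks a cautious user to make (a version of at least 1.9.5, an EncFS entry in the output of mount, and an encrypted directory readable only by its owner) can be scripted. The following POSIX sh functions are an added example, not code from the article or the EncFS project; the function names are hypothetical and the version string, mount line and path are constructed sample data rather than captured output.

```sh
#!/bin/sh
# Added example (not from the article): pre-flight checks before trusting an
# EncFS volume. Function names are hypothetical; sample data is constructed.

# Extract the dotted version ("1.9.5") from the output of `encfs --version`,
# which reads "encfs version 1.9.5"; trailing package suffixes are dropped.
encfs_version_string() {
    v=${1##*version }
    printf '%s\n' "${v%%[!0-9.]*}"
}

# Return 0 if a dotted version is at least 1.9.5, the minimum the article
# recommends. A missing patch number counts as 0, so "1.9" is too old.
encfs_version_ok() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    case $rest in *.*) patch=${rest#*.} ;; *) patch=0 ;; esac
    patch=${patch%%[!0-9]*}            # tolerate "1.9.5-1" style suffixes
    [ "$major" -gt 1 ] && return 0
    [ "$major" -lt 1 ] && return 1
    [ "$minor" -gt 9 ] && return 0
    [ "$minor" -lt 9 ] && return 1
    [ "$patch" -ge 5 ]
}

# Return 0 if the mount table ($1, normally the output of `mount`) shows an
# EncFS (FUSE) filesystem mounted on directory $2. Fixed-string match, so
# a path containing regex metacharacters is handled safely.
encfs_mounted() {
    printf '%s\n' "$1" | grep -qF -- " on $2 type fuse.encfs"
}

# Return 0 if directory $1 is mode 700, i.e. its encrypted names and
# timestamps are hidden from other local users (the attribute-leak caveat).
encfs_dir_private() {
    [ -d "$1" ] && [ "$(stat -c %a "$1")" = 700 ]
}

# Demonstration on constructed data.
ver=$(encfs_version_string "encfs version 1.9.5")
if encfs_version_ok "$ver"; then echo "encfs $ver: acceptable"
else echo "encfs $ver: older than 1.9.5, do not rely on it"; fi
mtab="encfs on /home/user/Private type fuse.encfs (rw,nosuid,nodev,user_id=1000)"
encfs_mounted "$mtab" /home/user/Private && echo "/home/user/Private is mounted"
```

Replace the constructed strings with `$(encfs --version 2>&1)` and `$(mount)` to run the checks against a live system.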