File encryption with EncFS

Command Line – EncFS

© Lead Image © Marvin Ristau de,

© Lead Image © Marvin Ristau de,

Article from Issue 224/2019

EncFS is an easy and effective CLI application for encrypting files that also allows for customization.

Linux has no shortages of solutions for file encryption. First released in 2001, EncFS [1] is one of the oldest solutions but remains one of the easiest to set up and use. It uses two directories: an unencrypted directory for dropping files into, and an encrypted directory that automatically creates encrypted copies of those files. Any further manipulation of the setup or files is done with the encfsctrl utility [2]. However, some insecure copies of EncFS are still in use, so be careful to get 1.9.5, the latest version, which fixes the vulnerabilities of earlier versions.

EncFS has several other advantages besides its ease of use. One is that because EncFS runs in userspace, using the FUSE libraries [3], ordinary users, not just root, can create its virtual filesystem. Additionally, running in userspace means that an encrypted volume can be administered by existing utilities such as Rsync and fsck. Similarly, standard backup utilities can back up only the EncFS-associated files that have changed.

EncFS can use both removable drives and cloud storage (see below). The volume key that is usually stored in the same directory as the encrypted data can be password protected and stored elsewhere, including on a removable drive or in the cloud for added security. Also, encrypted directories do not have any fixed size, growing as files are added or deleted instead of requiring a fixed space to be allocated. All these features add up to a CLI application that is almost as easy to use as a graphical interface.


Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • EncFS

    The EncFS virtual filesystem reduces the configuration overhead for data encryption on Linux.

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

  • Command Line: Encrypting Partitions

    Modern installers offer the option of encryption with just a few clicks, but you might want to take control of the process. We show how to encrypt your partitions safely without sacrificing convenience.

  • Encrypted Filesystems

    If you’re not a security expert and you're looking for a crypto filesystem, you may be wondering about the alternatives. We took at a look at some popular crypto options for Linux.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95