Encrypted Directory With encfs
I would like to keep my secrets in encrypted directory. It seems that there already exists a nice solution to this problem and it is called encfs.
For reference, I found online manual with examples after visiting baeldung linux article first.
So, let’s do it.
Create a pair of directories
Here I’m creating two directories:
- ~/.crypt is the source directory - here encrypted data are stored
- ~/crypt directory which is the mountpoint - here I would see decrypted files to work with
|
|
Create encfs
Now, in order to start working with encsfs I issue following command: encfs source mountpoint
:
|
|
This command creates an encfs filesystem at ~/.crypt and mounts it at ~/crypt which - when written to - would transparently encrypt data to ~/.crypt; in this case it prompts for password which you have to remember (it can later be changed using encfsctl
); if mountpoint is not empty - it prints a warning and quits.
- each file in source has a corresponding file in mountpoint
- file names are also encrypted
Encrypt files
I create file secret_file.txt
with some data inside ~/crypt and I can see that there is also a file in ~/.crypt:
|
|
Unmount the filesystem
After my interaction with the filesystem is complete, I can unmount it using:
|
|
Summary
My personal usecases for encfs are:
- keep my personal journal entries (stored as plaintext, e.g. markdown, files) encrypted
- encrypt file(s) with passwords
- store private files on remote servers (e.g. on hosting provider machine) in encrypted form
It is super easy to use and - assuming I will not forget my password - give me a warm feeling that my data will not be easily seen and used