Encrypted Directory With encfs

I would like to keep my secrets in encrypted directory. It seems that there already exists a nice solution to this problem and it is called encfs.

For reference, I found online manual with examples after visiting baeldung linux article first.

So, let’s do it.

Create a pair of directories

Here I’m creating two directories:

  • ~/.crypt is the source directory - here encrypted data are stored
  • ~/crypt directory which is the mountpoint - here I would see decrypted files to work with
[karma@tpd] mkdir ~/crypt ~/.crypt

Create encfs

Now, in order to start working with encsfs I issue following command: encfs source mountpoint:

encfs ~/.crypt ~/crypt

This command creates an encfs filesystem at ~/.crypt and mounts it at ~/crypt which - when written to - would transparently encrypt data to ~/.crypt; in this case it prompts for password which you have to remember (it can later be changed using encfsctl); if mountpoint is not empty - it prints a warning and quits.

  • each file in source has a corresponding file in mountpoint
  • file names are also encrypted

Encrypt files

I create file secret_file.txt with some data inside ~/crypt and I can see that there is also a file in ~/.crypt:

[karma@tpd|~] echo "my secret data" > ~/crypt/secret_file.txt
[karma@tpd|~] cat ~/crypt/secret_file.txt 
my secret data
[karma@tpd|~] ls ~/.crypt/

Unmount the filesystem

After my interaction with the filesystem is complete, I can unmount it using:

fusermount -u ~/crypt


My personal usecases for encfs are:

  • keep my personal journal entries (stored as plaintext, e.g. markdown, files) encrypted
  • encrypt file(s) with passwords
  • store private files on remote servers (e.g. on hosting provider machine) in encrypted form

It is super easy to use and - assuming I will not forget my password - give me a warm feeling that my data will not be easily seen and used