Encrypt Cloud Storage with EncFS - Linux & Windows Guide

Protecting Your Data with EncFS on Linux

Are you utilizing cloud storage platforms like Dropbox to safeguard sensitive files? Enhance your security by employing EncFS, a specialized encrypting file system designed for Linux.

EncFS operates by transparently encrypting and decrypting each file individually, utilizing your designated encryption key.

How EncFS Differs from TrueCrypt

Unlike TrueCrypt, which consolidates encrypted files into a single, large container, EncFS adopts a distinct approach.

It generates separate files for each item you choose to encrypt.

Benefits for Cloud Storage Users

This method proves particularly advantageous when integrated with cloud storage services.

Services often re-upload entire containers upon any modification; EncFS avoids this by only uploading changed, individual files.

An experimental version of EncFS is also available for Windows operating systems.

Setting Up EncFS on Linux Systems

To begin, install EncFS on Ubuntu by executing the following command in your terminal:

sudo apt-get install encfs

For Linux distributions other than Ubuntu, locate the EncFS package within your system’s package manager and proceed with its installation.

Creating an Encrypted Volume

A new EncFS encrypted volume can be created using this command:

encfs ~/Dropbox/encrypted ~/Private

This action establishes two distinct directories. The ~/Dropbox/encrypted directory will store the encrypted files, enabling synchronization via Dropbox. The ~/Private directory provides access to the decrypted files.

You are free to designate alternative locations for either of these directories, based on your preferences.

Following command execution, you will be presented with a series of prompts. The default paranoia mode (selected by typing 'p') is generally sufficient, though 'x' allows for expert-level configuration.

Password Protection

EncFS will then request the creation of a password for your encrypted volume.

It is crucial to remember this password, as data access will be permanently lost if it is forgotten.

Here's a breakdown of the process:

Install EncFS using your distribution’s package manager.
Create the encrypted volume with the encfs command.
Choose a suitable paranoia mode.
Securely store the generated password.

Utilizing EncFS for File Encryption on Linux

The Private folder, previously established, serves as the designated location for your files. It is within this directory that both the storage and retrieval of decrypted files are managed.

how-to-encrypt-cloud-storage-on-linux-and-windows-with-encfs-4.jpg

The encrypted counterparts of your files will reside within the /Dropbox/encrypted directory. Dropbox synchronization will then distribute these files across your connected devices, ensuring that their content remains inaccessible to unauthorized users without the correct password.

how-to-encrypt-cloud-storage-on-linux-and-windows-with-encfs-5.jpg

Crucial Considerations:

Avoid directly placing files into the /Dropbox/encrypted folder; disregard its existence for file storage. Instead, utilize the Private folder for all file operations. Files placed directly into the encrypted folder will not undergo encryption.
The .encfs.xml file is vital and should not be deleted or lost (it is hidden by default – use Ctrl+H in Nautilus to reveal hidden files). Creating a backup of this file is strongly recommended, as its loss will result in permanent inaccessibility to your encrypted data.

how-to-encrypt-cloud-storage-on-linux-and-windows-with-encfs-6.jpg

The EncFS directory can be mounted on multiple computers using the same command. This allows for convenient access to your encrypted files across all your devices.

File System Remounting Procedures

The EncFS system does not remount automatically following a system reboot. Consequently, upon logging back in, access to your files will be unavailable until the EncFS command is executed again.

This inherent behavior enhances security, preventing unauthorized access to your encrypted data until deliberate mounting is performed.

Should your designated Private folder appear vacant, it indicates that the EncFS file system is currently not mounted.

Remounting the File System

To regain access, simply execute the identical command previously used for mounting. For instance, the following command would be utilized:

encfs ~/Dropbox/encrypted ~/Private

You will be prompted to enter your password for authentication.

Automatic Mounting with gnome-encfs

For convenience, automatic mounting of your EncFS file system upon each login can be achieved through the use of gnome-encfs.

This utility securely stores your EncFS password within the GNOME keyring, enabling automatic mounting whenever you log into your system.

gnome-encfs streamlines the process, eliminating the need for manual remounting after each session.

Utilizing EncFS on Windows Systems

Accessing EncFS file systems on Windows is facilitated through the application encfs4win. Successful operation of encfs4win necessitates the installation of Dokan library version 0.6 as a prerequisite.

The encfsw.exe executable can be initiated, providing users with a graphical interface for both mounting existing and creating new EncFS file systems.

This allows for a user-friendly experience when managing encrypted files.

Beyond desktop operating systems, EncFS accessibility extends to mobile platforms. An Android application, Cryptonite, is available for accessing EncFS file systems directly from Android phones and tablets.

Furthermore, BoxCryptor, a previously discussed solution, leverages EncFS as its underlying encryption engine.

This provides an alternative method for utilizing EncFS functionality within a broader security framework.

Topics

More