encfs is no longer being maintained. Please use ecryptfs instead.
- Install encfs using 'yum install fuse-encfs'
- Create directory for encrypted files. (mkdir abcd-raw)
- Create mount point for unencrypted files. (mkdir abcd)
- Use command encfs to mount raw encrypted files directory on normal unencrypted directory. (encfs /home/saurabh/abcd-raw /home/saurabh/abcd ). Note that it is necessary to give full path for both raw and normal directory while using encfs command.
- Now test by creating few files in 'abcd' directory and their encrypted counterparts will be shown in 'abcd-raw' directory.
- To change password use 'encfsctl <raw_directory>' command. For example 'encfsctl passwd /home/saurabh/abcd-raw'
Encrypting directory contents
To enable encryption on directory contents one can use following steps:
- Ensure that directory being encrypted is not in use. Use 'lsof | grep /documents' to verify.
- mv /documents /documents_raw
- mdkir /documents
- encfs /docuemnts_raw /documents
- cd /documents_raw
- 'mv `echo *` /documents'. Avoid direct use of wildcards in this command. Also you would have to move . [dot] files carefully without moving '.encfs<n>' file.
If access to unencrypted directory from non-root users is desried then '--public' option must be used while mounting. For example:
encfs --public /documents_raw /documents
When used in this manner normal unix file permissions still apply.
We can use bash scripts to mount raw directories to unencrypted mount points at boot. Sample bash script is given below:
#!/bin/sh sudo encfs --public /documents_raw /documents sudo encfs --public /var/lib/pgsql_raw /var/lib/pgsql sudo /sbin/service postgresql start sudo encfs --public /var/lib/mysql_raw /var/lib/mysql sudo /sbin/service mysqld start
encfs and windows
Encfs is also available for window and similar command line options can be used on Windows for encrypting personal folders.
encfs crash problem on fully updated centOS 5.X
On fully updated system encfs may crash with error
terminate called after throwing an instance of 'boost::filesystem::filesystem_error'
this can be because of version of boost.
To work-around this problem copy file '.encfs5 from someother encfs filesystem and use it to encrypt encryption directory. One can change password using encfsctl if required. For this to work we must know the password used in old .encfs5 file.
This problem is not solved by installing latest version of boost (boost_1_46_1.tar.bz2 at time of writing) using:
- Extract boost source code
- sudo ./bjam install