Recently I discovered Cryptkeeper in the Ubuntu Software Centre - it's a front-end for EncFS that sits in the system tray providing hassle-free access to your encrypted directories. Whilst this is undoubtedly a useful applet, it suffers from problems of memory leaks and segmentation faults and, despite the fact that there is a patch available, I've no idea how to fix the problem!
However, like most graphical interfaces, Cryptkeeper is really just a bridge between the user and the command line and the command line is often a "faster and more powerful" way to get things done. So, when I experienced a segfault earlier today, I thought that I'd explore EncFS's options using a terminal. In this post I'll outline the basic commands for creating, mounting, & unmounting an encrypted directory.
Creating an encrypted directory is simple - the command takes the form:encfs /path/.dir_name /path/dir_name
Let's assume that I want to create an encrypted directory in my /home/usr_name directory called, crypt, my command is:encfs /home/jogga/.crypt /home/jogga/crypt
I'll be notified that these directories don't exist and prompted to create them - at each prompt, I type y and press enter. I get the following output:
Creating new encrypted volume.
Please choose from one of the following options:
enter "x" for expert configuration mode,
enter "p" for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?>
Selecting the standard configurations results in the following output:
Standard configuration selected.
Configuration finished. The filesystem to be created has the following properties:
Filesystem cipher: "ssl/aes", version 2:2:1
Filename encoding: "nameio/block", version 3:0:1
Key Size: 192 bits
Block Size: 1024 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File holes passed through to ciphertext.
Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.
New Encfs Password:
Verify Encfs Password:
The new directories are created and mounted - that's it! Mouting existing directories takes the same form as above:encfs /path/.dir_name /path/dir_name
Now I'll only be prompted for the password and my directory will be open and available to browse using Nautilus. However, if I want to limit the time a directory can remain open, I can add a switch to umount the directory automatically after a period of inactivity:encfs --idle=time_min /path/.dir_name /path/dir_name
Where time_min is an integer of 1 or more.
Unmounting an encrypted directory takes the form:
fusermount -u /path/dir_name
Having the option to use a terminal should Cryptkeeper crash is useful and saves the trouble of having to reboot the system. Moreover, it's a great way to learn how things work in Linux.
Sources & References:
- Github Social Coding: jmtd / cryptkeeper (Patch code for Cryptkeeper)
- Ubuntu Manpages: encfs
- Ubuntu Documentation: Using the Terminal
No comments:
Post a Comment