How to Install EncFS to encrypt the data on Ubuntu 16.04
To Install EncFS to encrypt the data on Ubuntu 16.04
EncFS is an Encrypted Filesystem, which runs without any special permissions in user-space. It provides the filesytem interface by using the FUSE library and Linux kernel module. Installation of EncFS and encryption of data with EncFS on Ubuntu 16.04 is explained in this manual.
Installation of EncFS
Follow below steps to install EncFS.
root@linuxhelp1:~# apt-get install encfs -y Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libpango1.0-0 libpangox-1.0-0 linux-headers-4.4.0-21 linux-headers-4.4.0-21-generic linux-image-4.4.0-21-generic linux-image-extra-4.4.0-21-generic Use ' sudo apt autoremove' to remove them. The following additional packages will be installed: libboost-serialization1.58.0 librlog5v5 The following NEW packages will be installed: encfs libboost-serialization1.58.0 librlog5v5 0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 406 kB of archives. After this operation, 2,178 kB of additional disk space will be used. Get:1 http://in.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 libboost-serialization1.58.0 amd64 1.58.0+dfsg-5ubuntu3.1 [113 kB] Get:2 http://in.archive.ubuntu.com/ubuntu xenial/universe amd64 librlog5v5 amd64 1.4-4 [18.6 kB] Get:3 http://in.archive.ubuntu.com/ubuntu xenial/universe amd64 encfs amd64 1.8.1-3 [274 kB] Fetched 406 kB in 9s (42.9 kB/s)Preparing to unpack .../libboost-serialization1.58.0_1.58.0+dfsg-5ubuntu3.1_amd64.deb ... Unpacking libboost-serialization1.58.0:amd64 (1.58.0+dfsg-5ubuntu3.1) ... Selecting previously unselected package librlog5v5. Preparing to unpack .../librlog5v5_1.4-4_amd64.deb ... Unpacking librlog5v5 (1.4-4) ... Selecting previously unselected package encfs. Preparing to unpack .../encfs_1.8.1-3_amd64.deb ... Unpacking encfs (1.8.1-3) ... Processing triggers for libc-bin (2.23-0ubuntu3) ... Processing triggers for man-db (2.7.5-1) ... Setting up libboost-serialization1.58.0:amd64 (1.58.0+dfsg-5ubuntu3.1) ... Setting up librlog5v5 (1.4-4) ... Setting up encfs (1.8.1-3) ... Processing triggers for libc-bin (2.23-0ubuntu3) ...
To Encrypt data with EncFS
Create encrypt and decrypt directories in home directory.
root@linuxhelp1:~# mkdir -p /encrypt
root@linuxhelp1:~# mkdir -p /decrypt
Here, decrypted directory acts as mount point for the encrypted directory. Now run the below command to mount the encrypt directory in decrypt.
root@linuxhelp1:~# encfs /encrypt /decrypt
Creating new encrypted volume.
Please choose from one of the following options:
enter " x" for expert configuration mode,
enter " p" for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?>
Paranoia configuration selected.
Configuration finished. The filesystem to be created has
the following properties:
Filesystem cipher: " ssl/aes" , version 3:0:2
Filename encoding: " nameio/block" , version 4:0:2
Key Size: 256 bits
Block Size: 1024 bytes, including 8 byte MAC header
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File data IV is chained to filename IV.
File holes passed through to ciphertext.
-------------------------- WARNING --------------------------
The external initialization-vector chaining option has been
enabled. This option disables the use of hard links on the
filesystem. Without hard links, some programs may not work.
The programs ' mutt' and ' procmail' are known to fail. For
more information, please see the encfs mailing list.
If you would like to choose another configuration setting,
please press CTRL-C now to abort and start over.
Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.
New Encfs Password:
Verify Encfs Password:
Note down the entered password to recover your encrypted data. Next, to know the EncFS volume use below command.
root@linuxhelp1:~# mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=484428k,nr_inodes=121107,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=100740k,mode=755)
/dev/sda1 on / type ext4 (rw,relatime,errors=remount-ro,data=ordered)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
.
.
.
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=100740k,mode=700,uid=1000,gid=1000)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
/dev/sr0 on /media/user1/Ubuntu 16.04 LTS amd64 type iso9660 (ro,nosuid,nodev,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks2)
encfs on /decrypt type fuse.encfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0)
Use below command to view the available space in disc.
root@linuxhelp1:~#df -h
Filesystem Size Used Avail Use% Mounted on
udev 474M 0 474M 0% /dev
tmpfs 99M 6.3M 93M 7% /run
/dev/sda1 19G 5.2G 13G 30% /
tmpfs 492M 212K 492M 1% /dev/shm
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs 492M 0 492M 0% /sys/fs/cgroup
tmpfs 99M 72K 99M 1% /run/user/1000
/dev/sr0 1.4G 1.4G 0 100% /media/user1/Ubuntu 16.04 LTS amd64
encfs 19G 5.2G 13G 30% /decrypt
Here move the data into the decrypt directory to save it in the form of encrypt.
root@linuxhelp1:~# cd /decrypt/
root@linuxhelp1:/decrypt# echo " hello" > file1
root@linuxhelp1:/decrypt# echo " hello file2" > file2
root@linuxhelp1:/decrypt# ln -s file2 files
To view the above changes, use following command.
root@linuxhelp1:/decrypt# ls -l
total 8
-rw-r--r-- 1 root root 6 Aug 4 17:39 file1
-rw-r--r-- 1 root root 12 Aug 4 17:39 file2
lrwxrwxrwx 1 root root 5 Aug 4 17:40 files -> file2
-rw-r--r-- 1 root root 0 Aug 4 17:39 hello
Run the below command to display the encrypt directory. The datas will be in the encrypted form.
root@linuxhelp1:/decrypt# cd /encrypt/
root@linuxhelp1:/encrypt# ls -l
total 8
-rw-r--r-- 1 root root 0 Aug 4 17:39 ArMSNsZ9AtrlxVyYi6KrhKEy
-rw-r--r-- 1 root root 28 Aug 4 17:39 D0AaqjjuuukS0V,T,IOL3iry
-rw-r--r-- 1 root root 22 Aug 4 17:39 r2JMzOQlOHc9g4Q5cWUw2-WQ
lrwxrwxrwx 1 root root 24 Aug 4 17:40 xqqeMPlbQqss0MPSsJWSqE6A -> D0AaqjjuuukS0V,T,IOL3iry
Now unmount the encrypted volume using below command.
root@linuxhelp1:/encrypt# cd
root@linuxhelp1:~# fusermount -u /decrypt/
Run the below command to view the unmounted directory.
root@linuxhelp1:~# mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=484428k,nr_inodes=121107,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
.
.
.
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=100740k,mode=700,uid=1000,gid=1000)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
/dev/sr0 on /media/user1/Ubuntu 16.04 LTS amd64 type iso9660 (ro,nosuid,nodev,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks2)
Either use the below command to view the unmounted directory.
root@linuxhelp1:~# df -h
Filesystem Size Used Avail Use% Mounted on
udev 474M 0 474M 0% /dev
tmpfs 99M 6.3M 93M 7% /run
/dev/sda1 19G 5.2G 13G 30% /
tmpfs 492M 212K 492M 1% /dev/shm
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs 492M 0 492M 0% /sys/fs/cgroup
tmpfs 99M 72K 99M 1% /run/user/1000
/dev/sr0 1.4G 1.4G 0 100% /media/user1/Ubuntu 16.04 LTS amd64
To mount it again, run the following command.
root@linuxhelp1:~# encfs /encrypt /decrypt/
EncFS Password:
To Change Password
To change the password, make use of the following command.
root@linuxhelp1:~# encfsctl passwd /encrypt/
Enter current Encfs password
EncFS Password:
Enter new Encfs password
New Encfs Password:
Verify Encfs Password:
Volume Key successfully updated.
Q
How to unmount the encrypted volume in EncFS?
A
To unmount the encrypted volume in EncFS use "fusermount -u /mounted volume/".
Q
What is EncFS Filesystem?
A
EncFS is an Encrypted Filesystem, which runs without any special permissions in user-space. It provides the filesystem interface by using the FUSE library and Linux kernel module.
Q
what is the essential purpose of using EncFS than other file systems?
A
EncFS is an Encrypted Filesystem, which runs without any special permissions in user-space.
Q
How to provide authentication and also to create a password using EncFS?
A
To create Password Authentication use "encfsctl passwd" provide authentication and also to create a password for it.
Q
Does EncFS support with other Debian distributions?
A
EncFS is compatible to all the Debian distributions.
Is there a way to use EncFS in Ubuntu core-16?
I want to prepare a password protected folder in Ubuntu core-16.
Please let me know if I can do this in any way.
--
Thank you,
Keval.