Encrypt / password protect data on ubuntu with encfs
Encfs - Encrypted file system
We often need to put some confidential data on the hard drive, in which case it becomes essential to have some kind of security mechanism to keep it hidden from unauthorised access of any kind. It could contain credit card numbers, bank statements and list of passwords for various online services.
One way to protect such data with security is to put them in a directory that is password protected or is encrypted. So the encrypted content will need a password everytime to be viewed. Ubuntu comes with a few handy tools to do this, although they are terminal based and will require a bit of effort to setup and use.
Install and setup encfs
The tool is called encfs and is easily installable from synaptic.
$ sudo apt-get install encfs
Once it is installed it will need a minimal setup. Lets say we want to create an encrypted directory called .encrypted inside the home directory whose content shall be available in the directory 'visible' upon request. Then run the following command.
$ encfs ~/.encrypted ~/visible
On the first run it will ask a couple of questions like mode and password etc.
$ encfs ~/.encrypted ~/visible The directory "/home/enlightened/.encrypted/" does not exist. Should it be created? (y,n) y The directory "/home/enlightened/visible" does not exist. Should it be created? (y,n) y Creating new encrypted volume. Please choose from one of the following options: enter "x" for expert configuration mode, enter "p" for pre-configured paranoia mode, anything else, or an empty line will select standard mode. ?> p Paranoia configuration selected. ....truncated.... New Encfs Password: Verify Encfs Password: $
Now it is setup and to use it run the same command everytime.
$ encfs ~/.encrypted ~/visible EncFS Password:
It will ask for the password that was set earlier and upon entering the correct password, the contents of the '.encrypted' directory will be available in the 'visible' directory.
Now put all your confidential data inside the visible directory and will be go into the encrypted directory. Once you are done working with the confidential data, simply unmount the visible directory by issuing the following command
$ fusermount -u ~/visible
It will unmount the encrypted directory and all content that was visible in the visible directory will vanish. Rest assured it is there in the encrypted directory and will become available again by running the previous command.
Cryptkeeper is a gui tool that makes the process of mounting and unmounting the encrypted folder a bit easier by providing a taskbar icon. Install it from synaptic.
$ sudo apt-get install cryptkeeper
Now it can be run from "Applications->System Tools->Crytpkeeper" menu in gnome or the K->System->Cryptkeeper menu in kde. Once the taskbar icon comes up left click on it and click "Import EncFS Folder". Select the encrypted directory and the directory to mount from the popup dialog. Now again left click on the taskbar icon and select the directory to mount it. It will ask for the password and will mount the directory then. To unmound again click the icon and unselect the directory. Simple as that.