Encfs – How to Encrypt and Password Protect Data on Ubuntu/Debian/Linux Mint

By | August 11, 2020
0 Comment

Encfs - Encrypted file system

We often need to put some confidential data on the hard drive, in which case it becomes essential to have some kind of security mechanism to keep it hidden from unauthorised access of any kind.

It could contain credit card numbers, bank statements and list of passwords for various online services.

One way to protect such data with security is to put them in a directory that is password protected or is encrypted.

So the encrypted content will need a password everytime to be viewed.

Ubuntu comes with a few handy tools to do this, although they are terminal based and will require a bit of effort to setup and use.

1. Install and setup encfs

The tool is called encfs and is easily installable from synaptic.

$ sudo apt-get install encfs

Once it is installed it will need a minimal setup.

2. Encrypt

Lets say we want to create an encrypted directory called .encrypted inside the home directory whose content shall be available in the directory 'visible' upon request. Then run the following command.

$ encfs ~/.encrypted ~/visible

On the first run it will ask a couple of questions like mode and password etc.

$ encfs ~/.encrypted ~/visible
The directory "/home/enlightened/.encrypted/" does not exist. Should it be created? (y,n) y
The directory "/home/enlightened/visible" does not exist. Should it be created? (y,n) y
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?> p

Paranoia configuration selected.

....truncated....

New Encfs Password: 
Verify Encfs Password: 
$

Now it is setup and to use it run the same command everytime.

$ encfs ~/.encrypted ~/visible
EncFS Password:

It will ask for the password that was set earlier and upon entering the correct password, the contents of the '.encrypted' directory will be available in the 'visible' directory.

Now put all your confidential data inside the visible directory and will be go into the encrypted directory.

Once you are done working with the confidential data, simply unmount the visible directory by issuing the following command

$ fusermount -u ~/visible

It will unmount the encrypted directory and all content that was visible in the visible directory will vanish. Rest assured it is there in the encrypted directory and will become available again by running the previous command.

3. Cryptkeeper

Cryptkeeper is a gui tool that makes the process of mounting and unmounting the encrypted folder a bit easier by providing a taskbar icon. Install it from synaptic.

$ sudo apt-get install cryptkeeper

Now it can be run from "Applications->System Tools->Crytpkeeper" menu in gnome or the K->System->Cryptkeeper menu in kde.

Once the taskbar icon comes up left click on it and click "Import EncFS Folder".

Select the encrypted directory and the directory to mount from the popup dialog. Now again left click on the taskbar icon and select the directory to mount it.

It will ask for the password and will mount the directory then. To unmound again click the icon and unselect the directory. Simple as that.

Update

Cryptkeeper was removed from Ubuntu 18.04 so we need an alternative for newer Ubuntu versions.

Check this discussion on askubuntu:
https://askubuntu.com/questions/1047704/cryptkeeper-removed-from-ubuntu-18-04

If you have any feedback or questions, let us know in the comments below.

About Silver Moon

A Tech Enthusiast, Blogger, Linux Fan and a Software Developer. Writes about Computer hardware, Linux and Open Source software and coding in Python, Php and Javascript. He can be reached at [email protected].

Leave a Reply

Your email address will not be published. Required fields are marked *