Thursday, January 19, 2012

Encrypt or Lock Directory/folder in Ubuntu Linux using encfs

this tutorial is done using Ubuntu
1- install encfs unities
#apt-get install encfs
2- using encfs to create encrypt directory name .cat and mount to cat

root@angkorwat:/home# encfs /home/.cat /home/cat/
The directory "/home/.cat/" does not exist. Should it be created? (y,n) y
The directory "/home/cat/" does not exist. Should it be created? (y,n) y
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?> p

Paranoia configuration selected.

Configuration finished.  The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/aes", version 3:0:2
Filename encoding: "nameio/block", version 3:0:1
Key Size: 256 bits
Block Size: 1024 bytes, including 8 byte MAC header
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File data IV is chained to filename IV.
File holes passed through to ciphertext.

-------------------------- WARNING --------------------------
The external initialization-vector chaining option has been
enabled.  This option disables the use of hard links on the
filesystem. Without hard links, some programs may not work.
The programs 'mutt' and 'procmail' are known to fail.  For
more information, please see the encfs mailing list.
If you would like to choose another configuration setting,
please press CTRL-C now to abort and start over.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism.  However, the password can be changed
later using encfsctl.

New Encfs Password:
Verify Encfs Password:

Note: when it first created it automatically mounted

 root@angkorwat:/home# mount
/dev/sda3 on / type ext4 (rw,errors=remount-ro,commit=0)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
gvfs-fuse-daemon on /home/dara/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=dara)
encfs on /home/cat type fuse.encfs (rw,nosuid,nodev,default_permissions)

3. When you restart the computer it will mount for you, so to mount it using command
 root@angkorwat:/home# encfs /home/.cat/ /home/cat/

4. To unmount it you can use
  root@angkorwat:/home# killall encfs

you can not use relative path( cat), you have to use recursive path (/home/cat)

So no one can access to your folder. to access the folder to have to type the password.

No comments:

Post a Comment