File encryption with EncFS
Command Line – EncFS
EncFS is an easy and effective CLI application for encrypting files that also allows for customization.
Linux has no shortage of solutions for file encryption. First released in 2001, EncFS [1] is one of the oldest solutions but remains one of the easiest to set up and use. It uses two directories: an unencrypted directory for dropping files into, and an encrypted directory that automatically receives encrypted copies of those files. Any further manipulation of the setup or files is done with the encfsctl utility [2]. However, some insecure versions of EncFS are still in use, so be careful to get 1.9.5, the latest version, which fixes the vulnerabilities of earlier versions.
EncFS has several other advantages besides its ease of use. One is that because EncFS runs in userspace, using the FUSE libraries [3], ordinary users, not just root, can create its virtual filesystem. Additionally, running in userspace means that an encrypted volume can be administered by existing utilities such as Rsync and fsck. Similarly, standard backup utilities can back up only the EncFS-associated files that have changed.
EncFS can use both removable drives and cloud storage (see below). The volume key that is usually stored in the same directory as the encrypted data can be password protected and stored elsewhere, including on a removable drive or in the cloud for added security. Also, encrypted directories do not have any fixed size, growing as files are added or deleted instead of requiring a fixed space to be allocated. All these features add up to a CLI application that is almost as easy to use as a graphical interface.
Setting up EncFS
EncFS is available in most major distributions. To set it up, make sure that the FUSE package is installed, and then set up EncFS with the following command:
encfs ~/ENCRYPTED-DIRECTORY ~/UNENCRYPTED-DIRECTORY
If the directories named do not exist, EncFS automatically creates them. However, if you prefer, you can create the directories before running EncFS using mkdir -p. The -p option creates any necessary parent directory as well as the one required. Although security by obscurity should not be relied upon, you can hide the encrypted directory by adding a period at the start of its name, concealing it from the defaults of most basic commands.
If you want to use EncFS in cloud storage, make the encrypted directory a subfolder of the directory associated with your cloud account. For example, if you are using Dropbox, the subfolder might be ~/Dropbox/encrypted. The next time you sync your local and cloud directories, the encrypted directory is automatically uploaded to the cloud storage.
No matter where the required directories are located, the first time you run EncFS, you are prompted to set up the encryption (Figure 1). The default standard, or paranoia mode, provides a moderately high level of protection, and can be used automatically by adding the option --standard to the basic command. By contrast, the expert mode must always be specifically chosen. Expert mode prompts users with a series of questions to set the level of encryption. The man page explains each of the settings, but the most important difference is the key size (Table 1). Setup for both modes ends with choosing a password for accessing the encrypted directory via EncFS.
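The setup steps described above, carried through in one POSIX shell script. This is an added example, not code from the article or from the EncFS project: the directory names, the check_layout helper and the optional idle timeout are my own assumptions. It creates both directories with mkdir -p, hides the encrypted one behind a leading period, restricts both to the owner, refuses layouts where one directory sits inside the other, and then runs encfs in standard mode on the first run (later runs of the same command simply mount the existing volume, as the next section describes).

```shell
#!/bin/sh
# Added example: set up an EncFS pair (encrypted backing directory + plaintext
# mount point). Directory names below are assumptions, not EncFS defaults.

ENC_DIR="${ENC_DIR:-$HOME/.encrypted}"   # leading period hides it from a plain ls
PLAIN_DIR="${PLAIN_DIR:-$HOME/private}"  # files dropped here are encrypted into ENC_DIR

# check_layout ENC PLAIN: refuse layouts that cannot work. The two paths must
# differ, and neither may live inside the other, otherwise the mount would
# either expose the ciphertext directory or hide it underneath itself.
check_layout() {
  enc="$1"
  plain="$2"
  [ "$enc" = "$plain" ] && return 1
  case "$enc" in "$plain"/*) return 1 ;; esac
  case "$plain" in "$enc"/*) return 1 ;; esac
  return 0
}

# prepare_dirs ENC PLAIN: create both directories (and any parents) and restrict
# them to the owner, so other local users cannot read the ciphertext's file
# names, sizes or timestamps.
prepare_dirs() {
  mkdir -p "$1" "$2" && chmod 700 "$1" "$2"
}

# setup_encfs ENC PLAIN [IDLE_MINUTES]: on the first run (no .encfs6.xml in the
# encrypted directory yet) create the volume with --standard, which skips the
# interactive questions; on later runs just mount it. Both prompt for the
# password. An optional idle timeout unmounts the volume after that many
# minutes without activity.
setup_encfs() {
  check_layout "$1" "$2" || { echo "refusing: directories overlap or are identical" >&2; return 1; }
  prepare_dirs "$1" "$2" || return 1
  set -- "$1" "$2" "${3:-}"
  if [ -f "$1/.encfs6.xml" ]; then
    mode=""            # volume already exists: plain mount
  else
    mode="--standard"  # first run: create with the standard settings
  fi
  if [ -n "$3" ]; then
    encfs $mode --idle="$3" "$1" "$2"
  else
    encfs $mode "$1" "$2"
  fi
}

# Usage: sh encfs-setup.sh run   (the guard keeps sourcing the file side-effect free)
if [ "${1:-}" = "run" ]; then
  setup_encfs "$ENC_DIR" "$PLAIN_DIR" "${IDLE_MINUTES:-}"
fi
```

The chmod 700 step also addresses the attribute-leak caveat discussed later in the article: with the encrypted directory readable only by its owner, nobody else on the machine can inspect creation and modification times of the ciphertext files.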
Table 1: Encryption Modes

| | Standard or Paranoia Mode | Expert Mode |
|---|---|---|
| Cipher | AES | AES |
| Key size | 192 bits, PBKDF2 with 1/2 second runtime, 160 bit salt | 256 bits, PBKDF2 with 3 second runtime, 160 bit salt (maximum) |
| Filesystem block size | 1024 bytes | 1024 bytes |
| Filename encoding | Block encoding with IV chaining, unique initialization vector file headers | Block encoding with IV chaining, unique initialization vector file headers, message authentication code (MAC) block headers, external IV chaining |
Although the man page recommends that most users choose the paranoia mode, users might prefer to use the expert mode simply to have a larger key, accepting the default for any of the other settings about which they are uncertain. Note, however, that in the past some cloud storage sites have had trouble with EncFS in expert mode. If that happens, delete the existing directories and try setting up in paranoia mode.
To check that EncFS is running, look for entries in the output of mount or temporary entries when running df -h. More simply, add a file to the unencrypted directory and then check that a file appears in the encrypted directory. If problems persist, try running the command with the verbose option (-v), which gives copious details for debugging (Figure 2).
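Both checks just described, scripted so that they can be run before a backup job or a cron task trusts the plaintext directory. This is an added example, not the article's code: the sample mount output is constructed (an EncFS volume appears in mount output as a line of the form "encfs on MOUNTPOINT type fuse.encfs (...)"), and the function names are my own.

```shell
#!/bin/sh
# Added example: confirm that an EncFS volume is really mounted before trusting
# the plaintext directory.

# Constructed sample of mount(8) output, used for offline testing; not taken
# from a real system.
SAMPLE_MOUNT='/dev/sda2 on / type ext4 (rw,relatime)
encfs on /home/user/private type fuse.encfs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000,default_permissions)
tmpfs on /run type tmpfs (rw,nosuid,nodev)'

# encfs_mounted_at MOUNTPOINT [MOUNT_OUTPUT]: succeed only if an EncFS
# filesystem is mounted exactly at MOUNTPOINT. Comparing whole fields with awk
# avoids the prefix trap of grep, where /home/user/private would also match
# /home/user/private2. Without a second argument the live mount table is read.
encfs_mounted_at() {
  mp="$1"
  out="${2:-$(mount)}"
  printf '%s\n' "$out" | awk -v mp="$mp" '
    $1 == "encfs" && $2 == "on" && $3 == mp && $4 == "type" && $5 == "fuse.encfs" { found = 1 }
    END { exit found ? 0 : 1 }'
}

# encfs_mountpoints [MOUNT_OUTPUT]: list every EncFS mount point, one per line.
encfs_mountpoints() {
  out="${1:-$(mount)}"
  printf '%s\n' "$out" | awk '$1 == "encfs" && $5 == "fuse.encfs" { print $3 }'
}

# write_through_check PLAIN ENC: the article's simpler test, scripted. Create a
# probe file on the plaintext side and verify that one more entry appears on
# the encrypted side. The ciphertext name cannot be predicted here, so only
# the entry count is compared; the probe is removed again afterwards.
write_through_check() {
  plain="$1"
  enc="$2"
  before=$(ls -A "$enc" | wc -l | tr -d ' ')
  probe="$plain/.encfs-probe.$$"
  : > "$probe" || return 1
  after=$(ls -A "$enc" | wc -l | tr -d ' ')
  rm -f "$probe"
  [ "$after" -gt "$before" ]
}

# Usage on a real volume (paths are assumptions):
#   encfs_mounted_at "$HOME/private" && write_through_check "$HOME/private" "$HOME/.encrypted" \
#     && echo "EncFS is up and encrypting"
```

A backup script should require both checks to pass: if the volume is not mounted, files written to the "plaintext" directory land on the ordinary filesystem in the clear, with nothing to warn you.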
Running and Administrating EncFS
To mount existing EncFS directories for use, repeat the command used to create them:
encfs ~/ENCRYPTED-DIRECTORY ~/UNENCRYPTED-DIRECTORY
At this point, you will be prompted for the password.
For most users, no additional options are likely required. However, EncFS does have a small set of options, which are described thoroughly in the man page. Most of these options set the details of how the command is run, such as -f, which runs EncFS in the foreground instead of the default background, or -s, which runs EncFS in a single thread, instead of the default multiple threads. These options are useful on older or smaller systems. But on modern systems, these options are unlikely to be needed except when other intensive programs are running at the same time as EncFS.
Still, there are several options that might be useful in specific circumstances. For instance, some users may choose to add --idle=MINUTES to unmount the encrypted directory automatically. Users who want to share the encrypted directory – which should only be done cautiously – might use the option --public. And when searching the encrypted directory, --reverse can be used to display an encrypted file in plain text.
When not using EncFS, you can shut it down with the command
fusermount -u ~/UNENCRYPTED-DIRECTORY
However, many administrative tasks can be done using encfsctl. encfsctl is a utility that is generally packaged with EncFS, but it is easy to overlook. In fact, a search for how-tos on EncFS suggests that many are unaware of it altogether. And, admittedly, other standard commands are often convenient ways to administer EncFS.
Still, encfsctl is worth learning. For example, the info sub-command displays basic information about EncFS's encrypted directory. If you suspect that the application used to create a file may have made it unencryptable for one reason or another, you can confirm your suspicions with the sub-command showcruft. At times, too, it may be useful to use decode to show the name of an encrypted file and display its unencrypted version, or, conversely, to use encode to show the name of an unencrypted file and show its encrypted version. As the man page notes, both decode and encode can be useful for such operations as deciding which files to include or exclude during a backup.
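The backup use of encode and decode mentioned above, worked through as a shell script. This is an added example, not the article's or the EncFS project's code: ENC_DIR and PASS_PROG are placeholders for your own volume and password program, and the function names are my own. It turns a list of plaintext file names into the matching ciphertext names, so that a backup tool which only ever sees the encrypted directory (rsync --files-from, tar -T) can be told exactly which files to include, and it provides the inverse for reading such a listing back.

```shell
#!/bin/sh
# Added example: map plaintext names to ciphertext names (and back) with
# encfsctl, for selective backups of the encrypted directory.
# Assumptions: the volume lives in ENC_DIR and its password is supplied by a
# program named in PASS_PROG via --extpass; both values are placeholders.

ENC_DIR="${ENC_DIR:-$HOME/.encrypted}"
PASS_PROG="${PASS_PROG:-cat $HOME/.encfs-pass}"   # placeholder: use your own password source

# encode_names ENC_DIR: read plaintext paths (relative to the mount point) on
# stdin and print the corresponding encrypted paths (relative to ENC_DIR), one
# per line and in the same order. Blank lines and '#' comments are skipped.
# Any encode failure aborts, so a half-built include list is never used.
encode_names() {
  root="$1"
  while IFS= read -r name; do
    case "$name" in ''|'#'*) continue ;; esac
    encfsctl encode --extpass="$PASS_PROG" "$root" "$name" || return 1
  done
}

# decode_names ENC_DIR: the inverse, for turning a backup listing of ciphertext
# names back into something a human can review.
decode_names() {
  root="$1"
  while IFS= read -r name; do
    case "$name" in ''|'#'*) continue ;; esac
    encfsctl decode --extpass="$PASS_PROG" "$root" "$name" || return 1
  done
}

# backup_include_list ENC_DIR LISTFILE: write an rsync-ready include list from
# a file of plaintext names.
backup_include_list() {
  encode_names "$1" < "$2"
}

# Usage on a real volume (paths are assumptions):
#   printf 'docs/report.txt\nnotes.md\n' > /tmp/want.txt
#   backup_include_list "$ENC_DIR" /tmp/want.txt > /tmp/enc-want.txt
#   rsync -a --files-from=/tmp/enc-want.txt "$ENC_DIR"/ backup-host:encrypted/
```

Because only ciphertext names and ciphertext contents leave the machine, the backup host never needs the password; keeping the volume key file (.encfs6.xml) out of that listing, or storing it elsewhere as the article suggests, keeps the backup useless to anyone who obtains it.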
Probably the most useful of encfsctl's sub-commands is passwd (Figure 3). After all, security of any password is generally thought to increase when it is changed regularly. If that is true (and some would disagree), passwords used to view encrypted files should be no exception.
Caveats and Shortcomings
For most users, EncFS is a simple and reliable encryption tool. In some cases, though, it does have limitations that might reduce security.
A possible concern is that anyone who can read the encrypted directory can view the file attributes. This information – especially the time the file was created and the last time the file was saved – could be enough to guess the content of the file. To avoid this possibility, change the permissions so that the encrypted files can only be read or written to by you.
Another shortcoming is that, in paranoia mode, EncFS only supports file names of 190 bits. By contrast, most filesystems support names of 256 bits. This difference means that very long file names may be truncated. Truncation is especially likely with long file names because encrypted names are generally longer than the unencrypted ones, so the act of encryption can accidentally take the file name over the limit. For this reason, if you use extremely long file names, you should set up EncFS in expert mode.
More seriously still, some versions of EncFS are believed to have unpatched vulnerabilities. Most obviously, according to a 2014 report from Taylor Hornby of Defuse Security, the version in Debian Stable might be vulnerable to timing analysis, as well as attacks that lower the default encryption level without informing the user. The Debian Project took these possibilities seriously enough to add a warning to the package that displays when installed. Version 1.8 is thought to have corrected some of these vulnerabilities, but not all. To be as safe as possible, users should use only version 1.9.5 or later, using only expert mode.
Happily, these problems can be sidestepped. The problem is, many users are likely to download EncFS directly from their distribution's repositories – and not every distribution is as conscientious as Debian about informing users. With a little research, EncFS can serve users safely. Yet without that research, it can potentially give users a false sense of security. If you are especially concerned about security, you might even consider waiting for the 2.0 release that is rumored to be in development.