wiki.zibet.net RecentChanges

EncFS

Last edit

Added:

> Show pids using filesystem:
> {{{
> fuser -m MOUNTPOINT
> }}}

apt-get install encfs

Use encfs

Creating a new encrypted filesystem

$ mkdir /tmp/crypt-raw
$ mkdir /tmp/crypt
$ encfs /tmp/crypt-raw /tmp/crypt
Volume key not found, creating new encrypted volume.
Password: [password entered here]
Verify: [password entered here]

Accessing the filesystem

$ cd /tmp/crypt
$ echo "hello foo" > foo
$ echo "hello bar" > bar
$ ln -s foo foo2
$ ls -l
total 8
-rw-r--r-- 1 vgough users 10 2003-11-03 21:44 bar
-rw-r--r-- 1 vgough users 6 2003-11-03 21:44 foo
lrwxrwxrwx 1 vgough users 7 2003-11-03 21:44 foo2 -> foo
$ cd /tmp/crypt-raw
$ ls -l
total 8
-rw-r--r-- 1 vgough users 6 2003-11-03 21:44 eEM4YfA
-rw-r--r-- 1 vgough users 10 2003-11-03 21:44 gKP4xn8
lrwxrwxrwx 1 vgough users 7 2003-11-03 21:44 i7t9-m,I -> eEM4YfA
$ fusermount -u /tmp/crypt

Using encfs to create an encrypted home for john

# add john to fuse group
usermod -G fuse john
#Create a directory where the crypted data will be stored and a temporal mount point for it.
mkdir /home/john-crypt /home/john-mnt
chown john:john  /home/john-crypt /home/john-mnt
# Login as user john.
#Create a new crypted directory in /home/john-crypt and mount it to /home/john-mnt:
encfs /home/john-crypt /home/john-mnt
# cp johns content to /home/john-mnt with cp/rsync whatever
#Append this line to the file /home/john-mnt/.bash_logout (create it if it does not exist).
cd / && fusermount -u /home/john
# Unmount the crypted directory.
fusermount -u /home/john-mnt
#Login as root.
#Remove the temporal mount point.
rmdir /home/john-mnt
#Login as john.
#Create/edit .bash_profile in /home/john
encfs /home/john-crypt /home/john -- -o nonempty && cd /home/john
[[ -f ~/.bashrc ]] && . ~/.bashrc
# Done! When john now logs in, he gets an additional password prompt and his crypted home directory is mounted automatically. When he logs out, it will be unmounted.

From: http://www.gentoo-wiki.info/EncFS/Encrypt_Home_Directory

How to unmount inaccesible enfs

Show pids using filesystem: 

fuser -m MOUNTPOINT

As the user, kill all process accessing drive: 

fuser -km MOUNTPOINT

Then unmount: 

fusermount -u MOUNTPOINT

Example: 

fuser -km /home/john
fusermount -u /home/john
This page is read-only View other revisions Administration
Last edited 2017-10-19 18:42 UTC by 62.66.166.198 (diff)