Encrypting data is very important to ensure data security, especially if you are using cloud storage. Almost all cloud storage services offer encryption services to their customers, but that’s not enough. It is also necessary to encrypt your data privately. EncFS (encrypted file system) is the best tool that can be used for this purpose. It is an open-source and cross-platform tool that is supported under Linux, Windows and OS X. EncFS creates, as the name implies, an encrypted file system at the user’s location. Before we get into the installation and use of the EncFS tool to encrypt cloud storage, let’s see how it works.
How EncFS works?
The operating principle is very simple. So let’s take a look at it.
EncFS creates two separate folders. One contains encrypted data and the other an unencrypted version of the data. The encrypted folder is located in the local cloud storage directory (such as Dropbox or Google Drive), while the unencrypted folder is located somewhere in the private folder outside the cloud storage folder. The unencrypted folder serves as a mount point for the encrypted folder. When you place something in the unencrypted folder, EncFS places the encrypted version in the encrypted folder located in your cloud storage folder. The encrypted folder is then synchronized with the cloud storage.
This article explains how to install and use EncFS to encrypt cloud storage data. We use Dropbox as the cloud storage medium and we use Ubuntu 18.04 LTS to describe the procedure on an operating system. Before you start, make sure you have an account for Dropbox. Also install a dropbox client on your Ubuntu computer.
Installing EncFS
To start installing EncFS on Ubuntu 18.04, press Ctrl+Alt+T to launch the Terminal and then run the following command in Terminal:
$ sudo apt-get install encfs
When prompted for the password, enter sudo password:
During the installation, the following screen will appear, press Enter to proceed.
Wait for a while until the installation is completed.
EncFS Configuration
Now we will create a new EncFS encrypted volume. For that run the following command in Terminal:
$ encfs ~/Dropbox/encrypted ~/Private
It will create two folders. One is at ~/Dropbox/encrypted and the other is at ~/Private.
1. ~/Dropbox/encryptedAdvertisement
It is the folder where your encrypted files will be stored by EncFS, that will be then synced to Dropbox. But make sure you do not directly place you files in this folder for encryption. If you place your files in this folder, they will not be encrypted.
2. ~/Private
It is the folder where you can access your unencrypted files. It will act as a mount point for the encrypted files. If you want to encrypt your files, you can directly place them in this folder.
After creating a new encrypted volume, it will ask a few questions. When asking for configuration mode, type p to choose paranoia mode (secure setup).
Then it will ask you to set password for the encrypted volume. Enter a password.
Using EncFS
Now place any content in your ~/Private folder. EncFS will place the encrypted version of it in the ~/Dropbox/encrypted folder that is inside your cloud storage directory. It will be then synced across your all devices. To see the decrypted content on other devices, use the same command to mount the EncFS file system.
$ encfs ~/Dropbox/encrypted ~/Private
It will ask for the password that you have set earlier while configuring for the first time.
Make note that, after you restart your system, EncFS will not automatically mount itself. If you log out and log back in your system, you have to use the above command in order to access the decrypted content at the mounted volume.
If we check the content of the ~/Dropbox/encrypted folder, we can verify that the content is encrypted. Use the cd command to navigate to the encrypted folder. Then use the ls command to view the content.
$ cd ~/Dropbox/encrypted $ ls -l
From the above image, you can verify that the content is encrypted.
While if we check the content of the ~/Private, we can see that, the content is unencrypted form.
$ cd ~/Private $ ls -l
From the above image, you can verify that the content is in unencrypted form.
To view the mount point, use the following command in Terminal:
$ mount | grep Private
You can also use the following command:
$ df –h | grep Private
In the above two images, you can see the EncFS volume listed.
To unmount the encrypted Dropbox folder, run:
$ umount ~/Private
Now again run the following commands.
$ mount | grep Private
$ df –h | grep Private
Now at this time, you will not see the EncFS volume listed.
So that is all you need to do in order to install and use EncFS. Now you can secure your cloud storage by using encryption. You will also find it helpful when using a shared computer in which anyone can access your data. By using encryption, it will be no longer accessible until you provide them the password.
