Linux‎ > ‎

Encrypted Folder

Encrypted Folder in Linux

Encrypted filesystems may seem a little overkill for family holiday snaps or even your resume and other desktop files, but how about sensitive business documents on network-accessible servers, databases containing credit card information, or offline backups? Filesystem encryption also has special application in the case of a laptop that is much easier for someone else to physically take control of. Once you can rely on a secure and easy to use encrypted file system, you may find more uses than you originally envisaged.

I'll compare two approaches to encrypting Linux filesystems - EncFS and Loop-AES, which are both released under the GPL, and I'll summarize some of the others. Let's start by looking at EncFS. EncFS provides an encrypted filesystem in userspace, and runs without any special permissions - it fact, it's not so much a filesystem as a program that translates requests (encrypting or decrypting them as appropriate) and passes those requests to the underlying filesystem. It uses the FUSE library and kernel module to provide the filesystem interface, and uses a pass-through filesystem as opposed to an encrypted block device. What this means is that the size of data encrypted can grow or shrink without any need to reformat (because it's being allocated "on the fly"), whereas with block devices, you have to preallocate the size of the partition or block device that you want to encrypt. Backups can be performed as normal on a file-by-file basis and, in the case of incremental or differential backups, the backup program will know which files have changed since its last backup, even if it can't decipher what each file contains.

This brings us to another difference between pass-through encryption and block device. Pass-through encryption exposes metadata about the encrypted files to the regular filesystem on top of which it sits. This means that anyone can see the number of files you have encrypted, the permissions on the files, the size of each file, and the approximate length of the filename.

So how does EncFS work in practice? Installation obviously depends on your distribution. I run Ubuntu Breezy, and for me installtion was as simple as:

   sudo apt-get install encfs

This installed all dependencies, including the FUSE library as mentioned above, and the only additional steps I needed to take was to add myself to the fuse user group and then log out and log back in to be able to run the fusermount command as well as adding fuse to /etc/modules so the appropriate kernel module is loaded on startup. To create an encrypted filesystem you issue the following command:

   encfs ~/.crypt/ ~/crypt

What this means is "create an EncFS encrypted filesystem at ~/.crypt that can be mounted at ~/crypt". You will then be prompted for what options you want to use when creating the filesystem, and choose between a default (paranoid) option, and an expert option as below:

   The directory "/home/<username>/.crypt" does not exist. Should it be created? (y,n) y
   Creating new encrypted volume.
   Please choose from one of the following options:
    enter "x" for expert configuration mode,
    enter "p" for pre-configured paranoia mode,
    anything else, or an empty line will select standard mode.

Choosing expert will then give you a number of choices including encryption algorithm (AES, Blowfish and blowfish-compat encryption) and the specific key size and block size you want to use (depending on which encryption algorithm you've selected). It will also, of course, ask you for the password used to determine access to the encrypted filesystem. You can use the encfsctl program to change the password at a later date. The filesystem will be then automatically mounted and you can unmount it with:

   fusermount -u ~/crypt

I threw together the following quick script to allow for easy mounting and unmounting of my EncFS encrypted filesystem:


   echo "crypt [m|mount|u|unmount]"
   echo " either mounts or unmounts encrypted file system"

   if [ -z $1 ]

   case "$1" in
           "m" | "mount" )
                   /usr/bin/encfs ~/.crypt ~/crypt
                   echo "Encrypted filesystem now mounted"
           "u" | "unmount" )
                   /usr/bin/fusermount -u ~/crypt
                   echo "Encrypted filesystem has been unmounted"
           * )

The second approach I took a look at was Loop-AES - loop devices are block devices that do not store any data directly, but redirect all reads and writes to an underlying block device or file, possibly encrypting or decrypting data in the process. I chose to write to a file rather than a partition, so the example below would need to be modified slightly if you wanted to encrypt an entire partition. First of all, I installed the kernel-headers debian package for my kernel, as well as loop-aes-source and the rather handy module-assistant package. This package does pretty much what you'd expect it to do - it assists in building kernel modules, which is needed because although using Loop-AES doesn't require any modification to the kernel, it does require you to build a kernel module. Here's how (as root):

   module-assistant prepare
   module-assistant build loop-aes

If the module-assistant fails to build the appropriate module for you, it is most likely because you're missing the appropriate kernel configuration files to allow it to do so. This can be remedied by determining which kernel you're using (uname -a) and the copying the appropriate /boot/config-xxx file to /usr/src. This file is simply a list of the configuration options for your current kernel in plain text, and you can review it in any text editor. From /usr/src/linux you then type make menuconfig to bring up the text menu for choosing kernel options. Scroll to the bottom and choose "Load an Alternate Configuration File". Type in the path of the copied /boot/config-xxx file, and then exit, saying yes to saving changes. Module-assistant should now be able to prepare the module correctly. Once this is done, you can install it as follows:

   apt-get install loop-aes-utils
   module-assistant install loop-aes

Next we create the filesystem-within-a-file that we want to encrypt using the dd command:

    dd if=/dev/zero of=/location/of/file bs=4k count=2560

This creates a filesystem of 10MB, which illustrates one of the major differences between the Loop-AES approach and EncFS - we have to pre-allocate the size of the filesystem before usage. This may mean that we end up with a significant amount of unused filespace, or that we risk running out of space on our encrypted filesystem. If disk space is at a premium, this trade off may be unacceptable.

Next we actually set up the loop device, and specify that we want to use AES128 encryption (we can equally use AES192 or AES256 for greater security with a higher performance hit):

   losetup -e AES128 /dev/loop1 /location/of/file

If you don't have a /dev/loop1, you can create one as follows: cd /dev; MAKEDEV loop1.The losetup command will prompt you for a password at this point, with a minimum of 20 characters. This brings us to the difficult question of how to create long, secure passwords. You could simply create a random sequence of characters, but for something this long, chances are this will require a photographic memory or (more likely) writing it down somewhere, which has its own security implications. Another alternative is to think of a phrase/quote/song lyrics that's memorable and choose the first/last characters from each word, etc. - choosing secure passwords is another article all in itself, and one that's been covered well here besides other places. Next we make the filesystem, and then detach the loop device from it:

   mkfs -t ext2 /dev/loop1
   losetup -d /dev/loop1

Then we simply create our directory to mount the new encrypted filesystem on and then mount it:

   mkdir /location/of/mount
   mount /location/of/file -o loop=/dev/loop1,encryption=AES128 /location/of/mount -t ext2

You will again be prompted for the password since you are mounting the filesystem. To unmount it, simply type umount /location/of/mount. You may need to unload your existing loop kernel module and load the new loop module, and also to add loop to /etc/modules to ensure it's loaded on startup.

Two other programs that are worth mentioning are dm-crypt and TrueCrypt. dm-crypt leverages the new device-mapper infrastructure that was introduced in the Linux 2.6 kernel, which provides a generic way to create virtual layers on top of real block devices and enables functions such as striping, concatenation, mirroring, or in this case encryption. It uses the new Linux 2.6 cryptoapi, and writes to the device are encrypted while reads from it are decrypted. It allows for filesystem mounting as usual, but without the appropriate key you cannot access your data. The cryptsetup package has been created to ease the administration of dm-crypt devices, with simple commands like create, remove, reload, resize and status. dm-crypt defaults to aes with a 256 bit key.

TrueCrypt is a project with future promise for Linux filesystem encryption. It can provide a virtual encrypted disk within a file and mounts it as a real disk, or can be used to encrypt an entire hard disk partition or device, such as a USB flash drive. In other words, it provides an encrypted block device rather than pass-through encryption. It provides two levels of plausible deniability - firstly hidden volumes, which is essentially an encrypted filesystem hidden within another encrypted filesystem, and secondly no TrueCrypt volume can be identified, as the data cannot be distinguished from random data. Furthermore, it offers the following encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish.

Binaries are available for Windows 2000/XP/2003, as well as a number of Linux distributions, as well as in source format. However, TrueCrypt's current version (4.1) has a big disadvantage for the Linux platform - you cannot use it to create a TrueCrypt volume on Linux. While the program is open source, and the source code is available, TrueCrypt was originally written for Windows, and the porting process has only got as far as providing command line options to manage a TrueCrypt volume. The volume creation portion is tied into the Windows GUI, and the TrueCrypt team is working on bringing this to Linux as well. So, you have a number of options to create your TrueCrypt volume (Dual Boot, other machine, QEMU/VMWare), but all of them (currently) involve getting yourself to a Windows machine. Additionally, I also had problems mounting a TrueCrypt volume that I'd created on Windows, and the Linux documentation is a little scarce. I look forward to the release of Linux TrueCrypt volume creation utilities, and the general polishing up of this program for Linux - it will provide a valuable addition to filesystem encryption. **

Finally, as this posting mentions, David Zeuthen of Red Hat has been working to integrate LUKS (Linux Unified Key Setup), which is the basis for dm-crypt into the GNOME desktop. This promises to provide extreme easy of use for encrypting volumes within GNOME, although the final details of how this will be integrated with existing partition management tools is still being finalized.

As you can see, there are a number of options for filesystem encryption in Linux, depending on the needs of the user. The most important thing when choosing which one to use is to be clear about what your needs are. Will the size of files you need encrypting grow or stay static? Do you need to encrypt certain files, or entire partitions? What level of security do you need? Answers to these questions will help determine the most appropriate program to use.


    • As of version 4.2 (released April 17 2006), Truecrypt can now create encrypted partitions on Linux. Please see the Truecrypt website for more details.


Official Source: