The security of the information and the elements that make up the structure of any system must always be one of the goals of any IT user since in a world of such threat we will never know when we are to be exposed to such attacks..
One of the best ways to protect all information in a system is by encrypting access to that unit and so only administrators will know what their access code is and they will be protected with the latest security technologies.
TechnoWikis will explain through this tutorial how to encrypt data using EncFS on Ubuntu 18.04 Server and thus add one more level of protection for the computers to manage. We remind you that it is also advisable to have our external storage devices encrypted..
What is EncFS
EncFS is a utility created in order to offer an encrypted file system in the user's space, thus, EncFS, is responsible for creating a virtual encrypted file system where the data will be stored in the rootdir directory and creates the unencrypted data in the mountPoint directory. To mount the unit, the user must provide the password to access its content.
EncFS runs with regular user permissions using the FUSE library.
To keep up, remember to subscribe to our YouTube channel! SUBSCRIBE
Now we will see how to install and use EncFS in Ubuntu 18.04..
1. Install EncFS on Ubuntu 18.04
Step 1
To start the installation process, we will execute the following command:
sudo apt -y install encfs
Step 2
During the installation process, the following message will be displayed indicating that even EncFS is vulnerable to various attacks, so although it is a way to add security, we must take into account additional aspects to improve this security point in Ubuntu 18. Press Enter to continue with the installation process.
2. Use EncFS in Ubuntu 18.04
Step 1
Once EncFS is installed on the system, we will create the following directories in the Home directory:
mkdir -p ~ / encrypted mkdir -p ~ / encrypted
Step 2
The encrypted directory acts as a mount point for the encrypted directory, to carry out the assembly process of ~ / encrypted to ~ / encrypted, we will execute the following:
encfs ~ / encrypted ~ / encrypted
Step 3
In the question line we will enter the letter P:
Step 4
Option P, paranoid, is one of the safest because it has 256-bit AES encryption and a 1024-byte block. At the bottom we will enter and confirm the EncFS password:
Step 5
Now we can find the EncFS volume by executing the “mount†command:
Step 6
We can use the following command for a brief summary of the available directories. There we see the directory created with the EncFS system.
df -h
Step 7
Now, to store the data in encrypted form, we will host the data in the encrypted directory, with the same process as a normal directory:
cd ~ / decrypted echo "hello foo"> foo echo "hello bar"> bar ln -s foo foo2
Step 8
Then, we verify the content by running:
ls -l
Step 9
We can see that it is in an encryption format. We can verify that the encrypted directory is encrypted:
cd ~ / encrypted ls -l
Step 10
To disassemble the volume that we have encrypted we will execute the following:
CD fusermount -u ~ / encrypted
Step 11
We verify that the unit is not mounted by running:
mount
Step 12
To mount it again we execute:
encfs ~ / encrypted ~ / encrypted
Step 13
At the moment we want to modify the password we will execute the following:
encfsctl passwd ~ / encrypted
Step 14
The following questions will be displayed where we will enter the current password and specify the new one:
Step 15
Some of the options to use with EncFS are:
-i, --idle = MINUTES
Enables automatic disassembly of the unit after a period of inactivity.
-f (foreground)
This option enables the use of EncFS in foreground mode, that is to say in the foreground since EncFS always acts in the background.
-v, --verbose
Enables the display of the information that is being executed.
-t, --syslogtag
This option allows you to set the syslog that will be used when a message makes use of the syslog option.
-s (single thread)
This option enables the use of EncfS in single thread mode.
-d, --fuse-debug
Enable the use of EncFS for debugging without using the FUSE library.
--forcedecode
This option applies to file systems that use address blocks.
--ondemand
Mount the file system in on-demand mode.
--require-macs
This option is used when a new file system is created and forced block authentication is required.
--nocache
Disable kernel cache for file attributes.
Step 16
To know more about EncFS we can execute the following command
man encfs
In this way, EncFS offers us a simple solution to protect data in Ubuntu 18.04.