In the past, I have “hidden” files that contain passwords in strange ways such as placing them in text files named “Personal Journal” or “Recipe List”. I ask myself, really? And how do you think that would help you if anyone ever did gain access to your file system? Today, I fixed my naive approach to securing data.
I chose to use eCryptfs which is a common package used in Ubuntu and Google’s ChromeOS. One of the advantages of eCryptfs is that the file encryption key is stored in the header of the file. This means that the folder may be moved easily to a different machine without any additional information. Everything you need to decrypt is contained in the file. The usage is straight forward; however, for those new to the cryptography world such as myself, there were a few gotcha’s.
You will want to install the eCryptfs utility. If your on Ubuntu, this is most likely already installed. This is the same package that is used to encrypt home directories.
Setting up the Folder
You will want to create the folder:
You will also want to make sure that you are the only one with access to the folder:
Note: It is at this point that I wanted to place my ‘to be encrypted’ files in the folder. This is a mistake. Wait until after we have mounted the folder with eCryptfs.
Encrypting the Folder
To encrypt the folder, you will want to mount the folder with eCryptfs:
With the first ./secure we are specifying the location of the encrypted files and with the second ./secure we are specifying the location for viewing the decrypted the files. These paths can be different, for my purposes it was easier if they were the same thing.
Configuring the Encryption Method
eCryptfs will ask you how you want your files encrypted. I accepted the defaults and opted out of pain text pass through and file name encryption.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
Add Files and Unmount
At this point you will want to add the files that you want encrypted and unmount the directory.
You should now have a folder of encrypted files. For a more in depth explanation, I recommend reading eCryptfs: A Stacked Cryptographic Filesystem by Mike Halcrow the author of eCryptfs.