# EncryptedFS [DEPRECATED] > **⚠️ Warning** > > Moved to [rencfs](https://crates.io/crates/rencfs). Please use that instead. An encrypted file system that mounts with FUSE on Linux. It can be used to create encrypted directories. It can then safely backup the encrypted folder on an untrusted server without worrying about the data being exposed.\ You can also store it in any cloud storage like Google Drive, Dropbox, etc. and have it synced across multiple devices. \ [![encryptedfs-bin](https://img.shields.io/aur/version/encryptedfs-bin?color=1793d1&label=encryptedfs-bin&logo=arch-linux)](https://aur.archlinux.org/packages/encryptedfs-bin/) ![crates.io](https://img.shields.io/crates/v/encryptedfs.svg) ![docs.rs](https://img.shields.io/docsrs/encryptedfs?label=docs.rs) [![test](https://github.com/radumarias/encryptedfs/actions/workflows/test.yml/badge.svg)](https://github.com/radumarias/encryptedfs/actions/workflows/test.yml) # Usage You can use it as a command line tool to mount an encrypted file system, or directly using the library to build your own binary (for library, you can follow the [documentation](https://docs.rs/encryptedfs/latest/encryptedfs/)). ## Command Line Tool To use the encrypted file system, you need to have FUSE installed on your system. You can install it by running the following command (or based on your distribution) Arch ```bash sudo pacman -Syu && sudo pacman -S fuse3 ``` Ubuntu ```bash sudo apt-get update && sudo apt-get -y install fuse3 ``` ### Install from AUR You can install the encrypted file system binary using the following command ```bash yay -Syu yay -S encryptedfs ``` ### Install with cargo You can install the encrypted file system binary using the following command ```bash cargo install encryptedfs ``` A basic example of how to use the encrypted file system is shown below ``` encryptedfs --mount-point MOUNT_POINT --data-dir DATA_DIR ``` Where `MOUNT_POINT` is the directory where the encrypted file system will be mounted and `DATA_DIR` is the directory where the encrypted data will be stored.\ It will prompt you to enter a password to encrypt/decrypt the data. ### Change Password The encryption key is stored in a file and encrypted with a key derived from the password. This offers the possibility to change the password without needing to decrypt and re-encrypt the whole data. This is done by decrypting the key with the old password and re-encrypting it with the new password. To change the password, you can run the following command ```bash encryptedfs --change-password --data-dir DATA_DIR ``` Where `DATA_DIR` is the directory where the encrypted data is stored.\ It will prompt you to enter the old password and then the new password. ### Encryption info You can specify the encryption algorithm and derive key hash rounds adding these arguments to the command line ```bash --cipher CIPHER --derive-key-hash-rounds ROUNDS ``` Where `CIPHER` is the encryption algorithm and `ROUNDS` is the number of rounds to derive the key hash.\ You can check the available ciphers with `encryptedfs --help`. Default values are `ChaCha20` and `600_000` respectively. ### Log level You can specify the log level adding the `--log-level` argument to the command line. Possible values: `TRACE`, `DEBUG`, `INFO` (default), `WARN`, `ERROR`. ```bash --log-level LEVEL ``` ## Start it in docker ```bash docker pull xorio42/encryptedfs ``` Start a container to set up mount in it `docker run -it --device /dev/fuse --cap-add SYS_ADMIN --security-opt apparmor:unconfined xorio42/encryptedfs:latest /bin/sh` In the container create mount and data directories `mkdir fsmnt && mkdir fsdata` Start `encryptedfs` `encryptedfs --mount-point fsmnt --data-dir fsdata` Enter a password for encryption. Get the container ID `docker ps` In another terminal attach to running container with the above ID `docker exec -it /bin/sh` From here you can play with it by creating files in `fsmnt` directory ``` cd fsmnt mkdir 1 ls echo "test" > 1/test cat 1/test ``` # Building from source ## Getting the sources ```bash git@github.com:radumarias/encryptedfs.git ```` ## Dependencies ### Rust To build from source, you need to have Rust installed, you can see more details on how to install it [here](https://www.rust-lang.org/tools/install). ```bash curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh ```` Accordingly, it is customary for Rust developers to include this directory in their `PATH` environment variable. During installation `rustup` will attempt to configure the `PATH`. Because of differences between platforms, command shells, and bugs in `rustup`, the modifications to `PATH` may not take effect until the console is restarted, or the user is logged out, or it may not succeed at all. If, after installation, running `rustc --version` in the console fails, this is the most likely reason. In that case please add it to the `PATH` manually. ### Other dependencies Also these deps are required (or based on your distribution): Arch ```bash sudo pacman -Syu && sudo pacman -S openssl lib32-openssl fuse3 base-devel ``` Ubuntu ```bash sudo apt-get update && sudo apt-get install libssl-dev openssl fuse3 build-essentials ``` ## Build for debug ```bash cargo build ``` ## Build release ```bash cargo build --release ``` ## Run ```bash cargo run -- --mount-point MOUNT_POINT --data-dir DATA_DIR ```