Encrypted home directory (encfs)

I used to encrypt my home directory with Ubuntu’s ecryptfs. However, I realized that no matter how long my password was (up to 64 chars), the “mount password” was only 32 alphanumeric characters!

Plus, ecryptfs is really complicated to use on the command line. Since my setup was using a long password for ecryptfs and a short one for my login, I needed to be able to mount my home directory via command line.

Enter encfs, a much more user friendly alternative that allows 256 chars long passwords with alphanumeric and symbols. Using encfs is easy, but two things need to be done to use a directory as home:

1. mount your directory with -o allow_other (you will have to modify your /etc/fuse.conf). Uncomment:

user_allow_other

I mount my home doing:

cat FILE_WITH_256_CHAR_PASSWORD | encfs -S -o allow_other /home/.safe /home/USERNAME

2. add this line to your /etc/security/pam_env.conf (otherwise .ICEauthority file cannot be updated):

# set the ICEAUTHORITY file location to allow GNOME to start on encfs $HOME
ICEAUTHORITY DEFAULT=/tmp/.ICEauthority_@{PAM_USER}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s