How to encrypt files and folders and sync them to Dropbox, Drive or OneDrive

Willy Klew

5 minutes

encfs encrypt folders

Today we all use services of cloud storage, either Dropbox, Google Drive, OneDrive (from Microsotf) or others, and the truth is that at least the best known are very safe and generally our data there will be well protected. That, of course, unless someone can get hold of our access data, something that has already happened several times and that not long ago even happened to many celebrities who stored their data in iCloud, the cloud service that Apple offers to users of iPhones, iPads and MacBooks.

The problem is that a server may have security flaws y expose our data although we jealously guard the login data. Of course, sometimes said data may be available if we do not use it carefully (for example when logging in from unsecured networks or computers) and if someone obtains it, they can take full control of our account and of course, access to all the information that we have stored there, with results that could be catastrophic if it was important.

That is why we are going to show a way to protect ourselves a little more by encrypt local folders and then sync them with any cloud serviceWhichever is our preference, although if the information is important, it is preferable to rely on those of more important companies since they guarantee a little more seriousness in addition to knowing that they hardly disappear overnight. When performing this task Everything we upload to the cloud will be encrypted, so that even if someone could access our data, they will not be able to use it or know what it is..

To start what we need is to use some encryption tool, and for this we are going to base ourselves on EncFS, an open source software available in most Linux distributions and that works in a different way than TrueCrypt since instead of creating an encrypted container - in which the data itself is not when we 'take' it out of him- here what is done is individually encrypt each file within a folder specified by us.

This folder will be automatically synced by EncFS from the data that we store in another folder, in which all the information will be unencrypted. Of course, the folder to be synchronized with a cloud service is the first one, the one with its encrypted data, but in case all this information is confusing -or I was when I wrote these lines- we are going to review the operation of EncFS :

  1. We create a folder, preferably in our personal folder, in which we are going to save the data without encryption.
  2. We create a folder, within the local folder that synchronizes with our preferred cloud service, in which we will have the encrypted data. This folder is created by EncFS and by default it is called 'Private'.
  3. We are asked for a password, which we must create and make sure to remember since without it we irreversibly lose access to our data.
  4. We move, copy or create in the folder from step 1 everything that we are going to want to protect.
  5. Encfs takes care of automatically synchronizing with the folder created in step 2, encrypting and letting the cloud service take care of uploading it to their servers.

Now that we have it a little clearer we install EncFS:

# apt-get install encfs

xubuntu encfs

We run EncFS:

encfs ~ / Dropbox / encrypted ~ / Private

We indicate to EncFS which is the folder that will contain the encrypted data, if said folder does not exist we will be asked if we want to create it. We will be notified that the folder will be created ~/ Private, where the unencrypted data will go, and finally we will be asked to select the expert configuration level (x) or a default one (p) which is already quite secure. Then, as we see in the image above, we are notified that it is going to create a password to protect encrypted data, which we can change later using the command encfsctl.

That's it, now we can start saving things to the Private folder, and let EncFS take care of its task and the cloud service (eg Dropbox) of its own). But there are a few issues to keep in mind:

  • The Private folder will not be mounted by default after logging into our computer, until we do it as in step 1 mentioned above: # encfs encrypted folder encrypted folder.
  • Inside the encrypted folder, the one we use to synchronize, there is a file called .encfs6.xml. If we delete this file, we will lose access to our data forever, so it would be convenient to have a backup copy of it.
  • We can use EncFS on as many computers as we wantTo do this we simply have to install the same storage service in the cloud, let it synchronize the files to a local folder -which will be encrypted- and execute the initial command so that said local folder is synchronized with / home / user / Private, where we will finally see them.

To summarize, it is an interesting solution, quite simple to use and available in the main Linux distributions, which allows us to enjoy a little more security and peace of mind if we are going to save important data in the cloud.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   security maniac said
    ago 9 years

    Good article.

    With gnome-encfs-manager you can do it graphically in addition to configuring a lot of other parameters.

    http://www.webupd8.org/2013/05/gnome-encfs-manager-cryptkeeper.html

    Respond to security maniac