Secure Dropbox from Linux

There has been a lot of hubbub recently about the security of the popular dropbox file sharing and storage service.  However if you are a linux user I have a solution for you.  The “encfs” encrypted filesystem. Encfs is a “fuse” filesystem, which means that it runs as a user process under Linux. When the kernel needs to open a file within an encfs filesystem, it asks a user process to perform the action. What makes this useful here is that the process implementing the filesystem is a user process like any other. So it can interact with dropbox just like any other program.

With Encfs you “mount” a new file system over an existing filesystem. When you create a file in the mounted filesystem, it creates a file in the underlying filesystem which has both its contents and name encrypted. Using encfs with dropbox is as simple as using encfs to mount a filesystem on a directory which is inside your dropbox folder. When encfs writes a file in the dropbox folder, the dropbox daemon does what it normally does when a file is changed, it synchronizes it to the dropbox cloud.
By using encfs you do not have to trust dropbox or their staff to keep your files confidential, the contents of the underlying folder are already encrypted before they are sent to dropbox (and decrypted as needed only on your computer)!
Some caveats:
If you forgot the password you used on your encfs filsystem, you are out of luck. There are no back doors, so be careful!
In theory you should be able to access the encfs protected filsystem from two computers simultaneously, but I haven't tried it myself (note: with “fuse” there is caching that occurs that might interfere in a multi-system configuration).
You won't be able to read or otherwise work with encrypted files from systems that do not have encfs (like a Windows computer or a mobile device).
Enjoy!
There has been a lot of hubbub recently about the security of the popular dropbox file sharing and storage service.  However if you are a linux user I have a solution for you.  The “encfs” encrypted filesystem. Encfs is a “fuse” filesystem, which means that it runs as a user process under Linux. When the kernel needs to open a file within an encfs filesystem, it asks a user process to perform the action. What makes this useful here is that the process implementing the filesystem is a user process like any other. So it can interact with dropbox just like any other program.
With Encfs you “mount” a new file system over an existing filesystem. When you create a file in the mounted filesystem, it creates a file in the underlying filesystem which has both its contents and name encrypted. Using encfs with dropbox is as simple as using encfs to mount a filesystem on a directory which is inside your dropbox folder. When encfs writes a file in the dropbox folder, the dropbox daemon does what it normally does when a file is changed, it synchronizes it to the dropbox cloud.
By using encfs you do not have to trust dropbox or their staff to keep your files confidential, the contents of the underlying folder are already encrypted before they are sent to dropbox (and decrypted as needed only on your computer)!
Some caveats:
If you forgot the password you used on your encfs filsystem, you are out of luck. There are no back doors, so be careful!
In theory you should be able to access the encfs protected filsystem from two computers simultaneously, but I haven't tried it myself (note: with “fuse” there is caching that occurs that might interfere in a multi-system configuration).
You won't be able to read or otherwise work with encrypted files from systems that do not have encfs (like a Windows computer or a mobile device).
EnjoThere has been a lot of hubbub recently about the security of the popular dropbox file sharing and storage service.  However if you are a linux user I have a solution for you.  The “encfs” encrypted filesystem. Encfs is a “fuse” filesystem, which means that it runs as a user process under Linux. When the kernel needs to open a file within an encfs filesystem, it asks a user process to perform the action. What makes this useful here is that the process implementing the filesystem is a user process like any other. So it can interact with dropbox just like any other program.
With Encfs you “mount” a new file system over an existing filesystem. When you create a file in the mounted filesystem, it creates a file in the underlying filesystem which has both its contents and name encrypted. Using encfs with dropbox is as simple as using encfs to mount a filesystem on a directory which is inside your dropbox folder. When encfs writes a file in the dropbox folder, the dropbox daemon does what it normally does when a file is changed, it synchronizes it to the dropbox cloud.
 
By using encfs you do not have to trust dropbox or their staff to keep your files confidential, the contents of the underlying folder are already encrypted before they are sent to dropbox (and decrypted as needed only on your computer)!
 
Some caveats:
  • If you forget the password you used on your encfs filsystem, you are out of luck. There are no back doors, so be careful!
  • In theory you should be able to access the encfs protected filsystem from two computers simultaneously, but I haven't tried it myself (note: with “fuse” there is caching that occurs that might interfere in a multi-system configuration).
  • You won't be able to read or otherwise work with encrypted files from systems that do not have encfs (like a Windows computer or a mobile device).

Encfs is available on most desktop distribution of Linux. I'm using it with Ubuntu, its package name is just "encfs."

Enjoy!
 

Copyright © 2009-2023 Jeffrey I. Schiller