Gocryptfs: Difference between revisions
From wikinotes
(Created page with "Userspace Encrypted filesystem. Desgined to address some shortfalls of encfs (ex. vulnerabilities when multiple versions of same file are available). = Documentation = <b...") |
No edit summary |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Spiritual successor to [[encfs]] with hardened security.<br> | |||
Notably, having access to multiple versions of the same file does not make this insecure. | |||
It is entirely cross platform. | |||
= Documentation = | = Documentation = | ||
Line 12: | Line 13: | ||
|} | |} | ||
</blockquote><!-- Documentation --> | </blockquote><!-- Documentation --> | ||
= Install = | |||
<blockquote> | |||
<syntaxhighlight lang="bash"> | |||
go install github.com/rfjakob/gocryptfs/v2 | |||
</syntaxhighlight> | |||
</blockquote><!-- Install --> | |||
= Usage = | = Usage = | ||
Line 18: | Line 26: | ||
gocryptfs -init ./encrypted # create encrypted dir | gocryptfs -init ./encrypted # create encrypted dir | ||
gocryptfs ./encrypted ./decrypted # mount encrypted dir | gocryptfs ./encrypted ./decrypted # mount encrypted dir | ||
fusermount -u ./decrypted # unmount encrypted dir | |||
</syntaxhighlight> | |||
If you only need a read-only mount, <br> | |||
you can use the <code>-reverse</code> param and you'll have some additional options. | |||
<syntaxhighlight lang="bash"> | |||
# create encrypted dir, excluding certain files | |||
gocryptfs -reverse -init \ | |||
-exclude-wildcard 'build/*' \ | |||
encrypted | |||
gocryptfs -reverse ./encrypted ./decrypted | |||
fusermount -u ./decrypted # unmount encrypted dir | fusermount -u ./decrypted # unmount encrypted dir | ||
</syntaxhighlight> | </syntaxhighlight> | ||
</blockquote><!-- Usage --> | </blockquote><!-- Usage --> | ||
= Tools = | |||
<blockquote> | |||
{| class="wikitable" | |||
|- | |||
| [[gocryptfs gec]] || git wrapper for gocryptfs encrypted repos | |||
|- | |||
|} | |||
</blockquote><!-- Tools --> |
Latest revision as of 01:20, 27 September 2023
Spiritual successor to encfs with hardened security.
Notably, having access to multiple versions of the same file does not make this insecure.
It is entirely cross platform.
Documentation
official docs https://nuetzlich.net/gocryptfs/ github https://github.com/rfjakob/gocryptfs
Install
go install github.com/rfjakob/gocryptfs/v2
Usage
gocryptfs -init ./encrypted # create encrypted dir gocryptfs ./encrypted ./decrypted # mount encrypted dir fusermount -u ./decrypted # unmount encrypted dirIf you only need a read-only mount,
you can use the-reverse
param and you'll have some additional options.# create encrypted dir, excluding certain files gocryptfs -reverse -init \ -exclude-wildcard 'build/*' \ encrypted gocryptfs -reverse ./encrypted ./decrypted fusermount -u ./decrypted # unmount encrypted dir
Tools
gocryptfs gec git wrapper for gocryptfs encrypted repos