Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Do you use EncFS? Is it "ready" or abandoned?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
Zucca
Moderator
Moderator


Joined: 14 Jun 2007
Posts: 3683
Location: Rasi, Finland

PostPosted: Fri May 24, 2024 12:36 pm    Post subject: Do you use EncFS? Is it "ready" or abandoned? Reply with quote

To avoid derailing "encrypting a single directory?" I decided to open up this thread.

As the topic says, do you still use it?
eshowkw -O encfs:
Keywords for sys-fs/encfs:
                |                               |   u   | 
                | a   a     p s     l r   a     |   n   | 
                | m   r h   p p   i o i s l m m | e u s | r
                | d a m p p c a x a o s 3 p 6 i | a s l | e
                | 6 r 6 p p 6 r 8 6 n c 9 h 8 p | p e o | p
                | 4 m 4 a c 4 c 6 4 g v 0 a k s | i d t | o
----------------+-------------------------------+-------+-------
       1.9.5-r2 | + + o o o ~ ~ + o o o o o o o | 8 # 0 | gentoo
1.9.6_alpha0    | + + o o o ~ ~ + o o o o o o o | 8 o   | mv   
It's still on ::gentoo. And ::mv has a bit newer version. Looking at the git repo, the last commit is from four years ago.

I wonder if it's safe to use?

It would be nice to mount some directory somewhere as encrypted, then sync the encrypted files into some off-site backup.

Thoughts on this? Anything else that comes into mind? Anternatives (preferably ones that are simple, transparent and fs agnostic)?
_________________
..: Zucca :..

My gentoo installs:
init=/sbin/openrc-init
-systemd -logind -elogind seatd

Quote:
I am NaN! I am a man!
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3407

PostPosted: Fri May 24, 2024 1:46 pm    Post subject: Reply with quote

I never used it. However: just because it's not actively developed doesn't mean it's broken.
According to its manual it uses AES, so this this objective should be met 4 years ago, now, and also 20 years to the future unless there is a breakthrough in research regarding cryptography.
Quote:
The primary goal of EncFS is to protect data off-line. That is, provide a convenient way of storing files in a way that will frustrate any attempt to read them if the files are later intercepted.

I have some files older than 4 years.
_________________
Make Computing Fun Again
Back to top
View user's profile Send private message
Zucca
Moderator
Moderator


Joined: 14 Jun 2007
Posts: 3683
Location: Rasi, Finland

PostPosted: Fri May 24, 2024 2:46 pm    Post subject: Reply with quote

Yeah.
So I guess if the libraries it uses (mainly the AES library) is kept up to date, then I should be ok.
Just need to make sure those libs are dynamically loaded, rather than statically compiled in... This is pretty good example of the benefit of dynamic libs, I guess.

I'll start experimenting when I have more time to focus on this.
_________________
..: Zucca :..

My gentoo installs:
init=/sbin/openrc-init
-systemd -logind -elogind seatd

Quote:
I am NaN! I am a man!
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3407

PostPosted: Fri May 24, 2024 3:03 pm    Post subject: Reply with quote

Quote:
So I guess if the libraries it uses (mainly the AES library) is kept up to date, then I should be ok.
Doesn't even matter, as long as it's actually AES. (or any other _working_ cipher).
Data at rest doesn't change just because there were some updates to the code, and I'm not too concerned with side-channel attacks on the encryption process itself, because pulling it off is probably more difficult than just getting my machine to decrypt my files for you.

If you could exploit some bug remotely, that would be an issue. But this particular application doesn't look easily exploitable, even if it does have some bugs.
Basically, the only real consideration (in terms of no new updates) is "is it usable" and "will it break after you update something else making you unable to recover your files". Which can be mitigated with an OS backup.
So... Is it usable?
_________________
Make Computing Fun Again
Back to top
View user's profile Send private message
carcajou
Apprentice
Apprentice


Joined: 10 Jun 2008
Posts: 248

PostPosted: Sat May 25, 2024 6:03 am    Post subject: Reply with quote

I am not familiar with encfs, but there is also sys-fs/cryfs. AFAIK it is used as backend for Plasma vaults. I did not have any issues with it in the last ~4 years.
Back to top
View user's profile Send private message
kurisu
Apprentice
Apprentice


Joined: 19 Jan 2011
Posts: 177
Location: Munich, Germany

PostPosted: Wed May 29, 2024 10:38 am    Post subject: Reply with quote

I'm still using encfs, but would like to migrate to cryfs if it finally gets bumped to the lastest version.

See https://bugs.gentoo.org/820257
_________________
#1 Ryzen 7 2700 | Asus ROG Strix X470-F Gaming | G.Skill 32 GB DDR4-3000 | PowerColor Radeon RX 5700 Red Dragon | Samsung SSD 970 EVO Plus 1TB NVMe
#2 Ryzen 5 2400G | ASRock B450 Steel Legend | G.Skill 16 GB DDR4-3000 | Samsung SSD 850 PRO 512GB SATA
Back to top
View user's profile Send private message
Zucca
Moderator
Moderator


Joined: 14 Jun 2007
Posts: 3683
Location: Rasi, Finland

PostPosted: Wed May 29, 2024 5:48 pm    Post subject: Reply with quote

Can CryFS used in the same way as EncFS?
I feel it doesn't work the same way from the users perspective.
_________________
..: Zucca :..

My gentoo installs:
init=/sbin/openrc-init
-systemd -logind -elogind seatd

Quote:
I am NaN! I am a man!
Back to top
View user's profile Send private message
Juippisi
Developer
Developer


Joined: 30 Sep 2005
Posts: 749
Location: /home

PostPosted: Thu May 30, 2024 3:52 am    Post subject: Reply with quote

Heh, that's a blast from the past. I remember using encfs ~20 years ago. Nowadays I'm on zfs native encryption / luks due to simplicity.
Back to top
View user's profile Send private message
Zucca
Moderator
Moderator


Joined: 14 Jun 2007
Posts: 3683
Location: Rasi, Finland

PostPosted: Thu May 30, 2024 7:56 am    Post subject: Reply with quote

My goal is (eventually) be able to mount any non-encrypted directory to an another place where the contents are identical but encrypted so I can then simply upload the encrypted directory to somewhere on the net.
So I'm not interested on on-disk encryption in this case.
_________________
..: Zucca :..

My gentoo installs:
init=/sbin/openrc-init
-systemd -logind -elogind seatd

Quote:
I am NaN! I am a man!
Back to top
View user's profile Send private message
kurisu
Apprentice
Apprentice


Joined: 19 Jan 2011
Posts: 177
Location: Munich, Germany

PostPosted: Thu Jul 11, 2024 8:24 pm    Post subject: Reply with quote

cryfs-0.11.4 is now stable and should meet your requirements.

I'm going to migrate my cloud from encfs to cryfs soon.
_________________
#1 Ryzen 7 2700 | Asus ROG Strix X470-F Gaming | G.Skill 32 GB DDR4-3000 | PowerColor Radeon RX 5700 Red Dragon | Samsung SSD 970 EVO Plus 1TB NVMe
#2 Ryzen 5 2400G | ASRock B450 Steel Legend | G.Skill 16 GB DDR4-3000 | Samsung SSD 850 PRO 512GB SATA
Back to top
View user's profile Send private message
kurisu
Apprentice
Apprentice


Joined: 19 Jan 2011
Posts: 177
Location: Munich, Germany

PostPosted: Thu Jul 25, 2024 5:04 pm    Post subject: Reply with quote

Sadly cryfs' performance is far too bad to be a replacement for encfs when it comes to huge amounts of data. See eg. https://github.com/cryfs/cryfs/issues/297

Maybe gocryptfs will be an alternative.
_________________
#1 Ryzen 7 2700 | Asus ROG Strix X470-F Gaming | G.Skill 32 GB DDR4-3000 | PowerColor Radeon RX 5700 Red Dragon | Samsung SSD 970 EVO Plus 1TB NVMe
#2 Ryzen 5 2400G | ASRock B450 Steel Legend | G.Skill 16 GB DDR4-3000 | Samsung SSD 850 PRO 512GB SATA
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum