EncFS for OS X Yosemite

securecloud It’s about time I updated my instructions for installing and running an EncFS filesystem on Mac OS X, synchronised to Dropbox. Use a combination of FUSE for OS X, EncFS, Dropbox and DropSec to create and maintain a super-secure filesystem which syncs with the cloud, while maintaining

  1. Download and install FUSE for OS X (the MacFUSE compatibility layer is not required)
  2. If you don’t have it already, install the Homebrew package manager
  3. Download and install EncFS (v1.7.5_1 at time of writing) and any dependencies, it’s as easy as ‘brew install homebrew/fuse/encfs
  4. Download DropSec, extract DropSec.app from the archive and copy it to your Applications folder

To create a new encrypted volume (stored locally at first to prevent your EncFS key from being synchronised with Dropbox):

encfs ~/Desktop/_Encrypted ~/Documents/_DropSec

Answer ‘yes’ when prompted to create the new folders and choose ‘p’ for pre-configured paranoia mode (256-bit AES encryption). Enter a secure EncFS password when prompted and you’re done. Now the filesystem has been created we can deal with securing the key.

umount ~/Documents/_DropSec
mkdir ~/.keys
mv ~/Desktop/_Encrypted/.encfs6.xml ~/.keys/dropsec.xml

The commands above move your key from the EncFS filesystem into a hidden folder in your (local) home directory Now move the entire ~/Desktop/_Encrypted folder (minus your key) into your Dropbox:

mv ~/Desktop/_Encrypted ~/Dropbox/

To mount the secure filesystem run the DropSec app from your Application folder. The first time you run DropSec it will prompt you for your EncFS password which it stores in your local login keychain. The password must match the secure password you set earlier.

When the secure volume is mounted a DropSec folder with a padlock icon will appear on your desktop. If it doesn’t, check that you have ‘Show Connected servers’ checked in Finder preferences.

To mount or unmount the encrypted volume simply run the DropSec app. For convenience copy it to your Mac OS dock for quick access.

Advertisements

4 thoughts on “EncFS for OS X Yosemite

  1. It’s nice, but what hapens when I have two or more computers. How do I share the key to decript data in computer “A” when data has been encripted in computer B?. Is it possible?

    • You can easily view and edit the source code within the application package itself. Right-click on DropSec.app then select ‘Show Package Contents’. The shell script is ~/Contents/MacOS/dropsec.sh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s