Whenever I mount a encfs directory to a regular directory, the regular directory disappears. this is the command I use
encfs ~/encrypted ~/plain
When I try to access the folder from my windows computer, I can not see it. What to do?
I have an NFS share hosted at a file server for several machines. I set up an encfs encrypted file tree in this. First, I created a directory in the NFS mounted tree where I wanted the encrypted files to be store (/home/nfs/phil/private). Second, I created a mount point where I wanted to access those files in the clear view (/home/phil/nfs-phil-private). Third I mounted encfs with the simple command "encfs /home/nfs/phil/private /phil/nfs-phil-private". During this mounting, it asked me for a pass phrase to encrypt the files with. Fourth, I copied some files into "/phil/nfs-phil-private". I saw that files with cryptic names were created in "/home/nfs/phil/private", along with a file named ".encfs6.xml".
That was on one machine named "lorentz". Then I switched to another machine named "euler". I created the same mount point here (/home/phil/nfs-phil-private). I verified that /home/nfs/phil/private already existed, as did "/home/nfs/phil/private.encfs6.xml". So I tried the same "encfs /home/nfs/phil/private /phil/nfs-phil-private" command. This time it failed. Here is all the output up to the first prompt:
Code:
15:05:23 (FileUtils.cpp:375) Archive exception: stream error
15:05:23 (FileUtils.cpp:326) Found config file /home/nfs/phil/private/.encfs6.xml, but failed to load
Creating new encrypted volume.
[code]....
The first two lines certainly appear to be some kind of error. I can cat the .encfs6.xml files just fine, so I do have permission to read it. It had not even prompted me for a password, yet. Anyone know what the deadl with this is? A possible cause is that the first encfs is version 1.6.1 (ubuntu 10.10 packaged as 1.6.1-1) and the second encfs is version 1.5.2 (ubuntu 9.10 packaged as 1.5.2-1).
I have two computers on my network, both are running Ubuntu 10.10. I wish to access encfs-encrypted directories on a remote computer from my local computer. I used nfs to mount the remote encrypted directory onto my local machine, and then I used encfs to decrypt. But because of nfs' use of some UID-type ownership convention rather than user:group, I have no access to the directory I just mounted.I want my local machine's software to access the files, so ssh login is probably not a solution, and I would like to avoid using encfs' --public option if possible.
View 2 Replies View Related There are some encfs folders with private data on the server and all data is exported via nfs to all other omputers in the house.I can mount the encfs folders on another computer (using encfs command) to work with the data, but I never dared to mount it on more than one computer simultaniously, because I fear the encrypted data might get corrupted if more than one computer mount and access it at the same time.
So I want to ask about your experience: Is it safe to mount an encfs folder on several computers at the same time? All computers use "hard" and "sync" as nfs mount options to minimize risks of data loss. But can I access the folders simultaniously, or do I risk corrupting the encfs encryption and lose everything?
I have created a mount point (/media/a500) for my Iconia Tablet and added the following to get it to mount automatically.
First download and install mtpfs......Then do this
Code:
sudo nano /etc/udev/rules.d/51-android.rules
SUBSYSTEM=="usb", ATTR{idVendor}=="0502", MODE="0666"
sudo mkdir /media/a500
sudo chown user:user /media/a500
[Code]...
This works just fine for Fedora 14 but on Fedora 15 the mount point disappears on reboot ie there is no /media/a500 folder. a500 appears under devices in Nautilus and mtpfs is ok as I can mount the device via the command line by creating the mount point setting ownership and running
Code: mtpfs /media/a500
I have a problem to mount my cdrom as a regular user. After inserting a cd, I receive this error message:"Error mounting: mount exited with exit code 1: helper failed with:mount: must be superuser to use mount" After mounting the cdrom as superuser with "sudo mount /media/cdrom".I can access the cd also as regular user. This behavior is inconvenient and I would like to be able to mount the cdrom as user.Honestly, I do not have the experience to tell if this should be fine or not. Do you have any advice for me to fix this problem? I am running Ubuntu 9.10 with a 2.6.32-02063209-generic kernel.
View 6 Replies View RelatedI had this all hashed out in previous versions of Fedora, but since I have moved the Mrs over to F10 this problem has come to the surface yet again.The Mrs is a strait user. She does not do command line and there is not a chance in a hot place that I could convince her to do it. Now we have her on the F10 system and we, once again, can't get her to have the right Kung Fu to be able to moun/unmount the floppy drive using the computer icon on the Gnome desktop.
What has changed and how do I get this function back for her? She uses this for business files, so this is somewhat on the urgent side.
I have a samba based domain controller which has a share with limited privileges for different usernames. When I log in the gvfs wizard in ubuntu everything is all good and I can access all the files I am supposed to be able to.
I suspect it has to do with the owner and group of the directory not being a user in the local machine. When mounted via gvfs the owner and group are the local user and group whereas when mounted via the mount command the user and group are foreign uids and gids.I had thought that gvfs would have relied on mount() system call under the bonnet but is this not the case as gvfs mounts don't appear in the list when you type 'mount'.Can this be solved in the standard smbfs mount or is gvfs simply a better implementation that does some magic behind the scenes to set the owner and groups in accordance with the smb protocol?
How can I get palimpsest to get authorization to mount partitions when started as a regular user? It works when started from a root session.
Recently I mounted a larger partition into my home directory since I was running out of space, Everything went smoothly, but it caused me to wonder about something I cant figure out. While playing with the mount unmount commands when I was copying everything over... before editing my fstab.
Is there a way to access the files that existed in a directory before you mount a partition to that directory? after mount the original files are gone.unmount and they are back, Where do they go?
I have Ubuntu Karmic. I chose to install with an encrypted home directory. Recently I got a warning that I only had 2GB of drive space left. This is mostly because of my videos. So I went and bought a new hard drive and partitioned it and made 1 ext4 partition and copied my videos all to the new hard drive. I added a line in my fstab to mount the new hard drive to ~/videos, but when I reboot the computer, there is a screen saying something like "error mounting /home/me/videos, press S to skip or something else to reboot". If I press S to skip, then when my system comes up there is a video directory but it's empty because my other hard drive didn't get mounted. I can run sudo mount /dev/sdb video/ and it will mount fine and I can see all my videos, so why can't fstab mount it? Does this have something to do with my encrypted home directory?
View 14 Replies View RelatedWhat I'm trying to do is to grant my regular user to locally mount partitions and shutdown the machine without a password. Here is what I've done to /etc/sudoers:
Code:
Host_Alias LOCAL = localhost
Cmnd_Alias SHUTDOWN = /sbin/shutdown
Cmnd_Alias MOUNT = /bin/mount, /bin/umount
<my_username> LOCAL=(root) NOPASSWD: SHUTDOWN, MOUNT
%wheel ALL=(ALL) ALL
My user is a member of wheel group and I want to type the password for each sudo command except for shutdown and mount. However I am asked for a password whenever I execute "sudo mount [...]" or "sudo shutdown [...]".
I have a requirement that seems to be unique in nature. I have multiple clients who are caged to their home directories. I would like to "share" a directory which exists above these chroots with all these caged users. I know this can be accomplished using mounts but my problem is, how can I mount a single directory to multiple mount points located in each users home dir? Can this be done in the fstab file?
View 9 Replies View RelatedI have a server with Fedora 13 with which I would like to get NFS working. I have looked up multiple howto's and tutorials, but I'm having a problem not addressed by any of them.Official how-to, another how-to, and another how-to.I have verified that nfs-utils, nfs-utils-lib, portmap, and system-config-nfs are installed and running. I have verified that I have, in fact, shared the directory that I want to share, and that the proper permissions are set.
I had to go through some gyrations to get the Belkin wireless N router to allow my server to have a static IP. However, I can ping the server from the nfs client (a toshiba satellite running mint 8), and vice versa. I have (for now) disabled firewalls on both computers. I think I have disabled SELinux on Fedora 13 (for now).When I attempt to connect to the server from the client, the output looks like this:Quote:
aragorn ~ # mount -v 192.168.2.101:/test /home/kelev/test/
mount: no type was given - I'll assume nfs because of the colon
mount.nfs: timeout set for Sat Dec 18 12:21:09 2010
[code]....
I'd like to mount the directory /var/www/mysite to the directory /home/daniel/mysite, but also have the user of the mounted files mapped from the original user (www-data) to my own user (daniel). So that the file /var/www/mysite/index.php who's user is www-data will appear in the mounted directory as /home/daniel/mysite/index.php and be owned by daniel - and alternatively, if I create a file /home/daniel/mysite/test.php with my own user, it will be created in the original directory under the user www-data Is it possible? If not, what alternatives do I have so I can use an IDE and still make sure all the files belong to the HTTP server's user?
View 2 Replies View RelatedWe currently have a NFS shared Directory mounted as read-only on our server.This directory contains multiple sub-directories and files. It being read-only is a equirement. Now, we need a directory underneath to be read-write. Is there a graceful way to make that happen? Like a special mount option to use? Basically objective is: /u01 is mounted as read-only and has 3 directories: dir1, dir2, dir3 dir3 has 2 sub-directories- sub1,sub2/u01/dir3/sub2 needs to be read-write, while all other are read-only.
View 2 Replies View RelatedHow can i auto mount more than directory in the same directory ? i want to automount 2 home directories in the /home and still be able to enter the other home directories !
The problem that i've another account on the system with home directory joe when the user1 home directory auto mounted i become unable to enter joe home directory !
I could not find details of what CryptKeeper was doing and I worked this out. It shows how to open and close CryptKeeper files using encfs form the command line. I hope this helps others.
Ubuntu karmic 9.10. CryptKeeper 0.9.4-1 encfs 0.5.2-1ubuntu1 also works in Mint8. Tom Morton author of CryptKeeper site: [url]
How Gnome Cryptkeeper works with encfs
In CryptKeeper create a new encrypted folder:
The directory above is created and also another hidden one called: /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs which contains one hidden file called .encfs6.xml. As you create additional folder and files in the /home/ian/aaaaaaxxxxTestCryptKeeper additional folders and files with encrypted names are created in /home/ian/aaaaaaxxxxTestCryptKeeper 4L9KBI4IeoAKOoZ,IwzVyn2VPGysXt-JCbStUej5Ewnn90. These mirror any files and folders which you create in the encrypted directory except that there names and contents are totally encrypted.
The above CryptKeeper directory can be created anywhere within the Linux file system, for example, on another partition. In each case two directories are created within the parent (in this example /home/ian/), one with the original directory name, the other preceeded with a "." and followed by "_encfs".
How to open a directory created with CryptKeeper using encfs.
Provided you copy the directory like .aaaaaaxxxxTestCryptKeeper_encfs and all its contents, it can be opened anywhere using the following command. (Note that full path names are needed.)
encfs /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs /home/ian/aaaaaaxxxxTestCryptKeeper
The mount command will then show:
If /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs does not exist you will asked if you wish to create it and you will be asked for a password twice. In this case it will not be in CryptKeeper unless you then import it.)
If it is a CryptKeeper file then it appears in CryptKeeper file list as opened and can be closed from there. To close from the command line type:
Note unmount will not work for these files.
Right, just a quick question about rsnapshot over sshfs and encfs. I've set up an encfs filesystem, and when mounted on the remote machine remotely:
Code:
touch foo.bar
Code:
cp -al foo.bar foo.car
Works as one would expect it to.
The same is true on the local machine (The EncFS has External IV chaining disabled). However, when the remote dir is sshfs mounted on my computer here, and then encfs'd to a decrypt mount on my computer, I can move files to it, and they go over the network and get encrypted, however:
Code:
cp -al <file> <file>
No longer works, I get 'not implemented' errors...
I thought since I don't have External IV chaining this shouldn't be an issue - I've tried without any of the file chaining options, again to no effect. All work remotely, or with both locally, but not over sshfs. Is this a quirk of sshfs?
Set up a few machines yesterday to test out some parallel code. Just for fun, I selected the "encrypt users files" option when setting up Ubuntu (10.10). I had never used the option in years past. Now I'm finding it a pain. EG., ssh requires me to already have a login to the machine before it will let me log in w/o a password (eg., using id_rsa.pub and authorized_keys).
Similarly, I have no reason to encrypt files on these machines. They're just crunching numbers. Is there an easy way to disable this? Or do I need to delete my original user and make another one (with all the su privelages, etc...) w/o an encrypted file system / home directory.
I'm running 11.04 (64 bit) get the following in my syslog
[Code]....
1) Why is this happening
2) How can it be fixed
3) How can it be avoided
my os is opensuse 11.4. I tried k-encfs, but failed. Running the .rpm file said successfully installed, but I cant find the program and running the 'install' script gives me another error message.
View 4 Replies View RelatedI am trying to get Encfs working on Ubuntu 10.10 with only partial success. I am using the Ubuntu package which is version 1.6.1. I am also trying to build 1.7.4 source on Ubuntu 10.10 which is failing.
First the problem with the Ubuntu package, which I realize may be fixed in 1.7.4. I am mounting a clear directory with the --reverse option to have an encrypted view of this data. This so far works, although I do not know if it really works correctly. I used rsync to copy all the encrypted data to a third directory outside of this first mounting. Then I do a second mounting (without --reverse) using that copy as the source, to make a mountpoint with a clear view of the copied encrypted files. This fails as no files show up at all.
I am doing it this way because my intended first use for Encfs is to copy an encrypted view of a local physically secured backup directory containing clear data to another remote machine where sometimes it is not physically secure. Transfer is by ssh over rsync, but that is not sufficient security for the remote machine. So the role of Encfs is to be sure the data is never in a clear state on that machine when the machine is not attended. This location is the home of the owner of the company who is not always at home. The machine is, in theory, at risk for theft when no one is at home (this is the risk we want to address). The owner will personally have the Encfs password, and may need access to some of these files. So it would be treated as an encrypted store and Encfs would be used to view it in the clear by manually mounting it that way (e.g. not with --reverse).
I am doing the test entirely on my desktop at the moment, as described above. I am using a script to carry out the entire setup of my tests, so it is fully reproducible, and that configuration can be incrementally changed as desired. I have a suspicion that certain messages resulting from the setup may indicate the problem. This is from the first mount with --reverse:
Code:
Creating new encrypted volume.
Standard configuration selected.
--reverse specified, not using unique/chained IV
Configuration finished. The filesystem to be created has
the following properties:
[Code]...
Just a warning / question about Encfs on Slackware current. I doesn't work due to the upgrade to boost 1.4.2. I ran encfs on an old install of 13.0 to get at my data, but I'd prefer to access it right from current. A big warning: if you try to access your encrypted data on current it will corrupt your encfs6.xml file and I don't know if it is recoverable (I had a backup of mine).
View 5 Replies View RelatedI've been trying to share a folder with samba. This folder is the decrypted version of an encfs encrypted folder. Mounting the decrypted folder on the server is done automatically on login using gnome-encfs. Exposing the folder locally works like a charm. Now where I get stuck is trying to access the samba share from a client (even with smbclient on the server itself). I can see the share with smbclient -L:
tijm64@tijm64-HTPC:~$ smbclient -L 192.168.1.100
Enter tijm64's password:
Domain=[TIJM64] OS=[Unix] Server=[Samba 3.4.7]
[Code].....
Is there a way I can temporarily mount a directory read-only to RAM? I read about creating a tmpfs to /dev/ram0 and mounting the folder there, though the tutorial seemed to have extra steps such as editing /etc/fstab, which I do not need to do. Can anyone outline a way to do this easily?
View 8 Replies View Related[URL]
encfs: preserve timestamps on a shared encrypted folder?
I would like to create an encrypted folder which can be shared by users included in the users group.To do so I used encfs:
Code:
cd somewhere
sudo mkdir encrypted visible
sudo chown root:users encrypted visible
sudo chmod 770 encrypted visible
encfs /somewhere/encrypted /somewhere/visible -o allow_other -o umask='007' -o uid='0'
Now if a user (included in users) creates a new document in the visible folder, that will be
Quote:
-rwxrwx--- 1 root users 0 2010-03-02 14:19 new file
While I would like it to be
Quote:
-rwxrwx--- 1 user users 0 2010-03-02 14:19 new file
Mounting encfs without the option uid='0' gives same results with only difference that instead of root the owner is the user who mounted encfs. Also copying a file owned by different user rather than root goes to the same: for example having in my home a file like
Quote:
-rwxr-x--- 1 me users 0 2010-03-02 14:30 myfile
and trying to copy it to the encrypted shared folder with
Code:
sudo cp -a -v ~/myfile /somewhere/visible
will give something like
Quote:
cp: failed to preserve ownership for `~/myfile': Operation not permitted
And the copied file on the shared encrypted folder will be as usual:
Quote:
-rwxrwx--- 1 root users 0 2010-03-02 14:30 myfile
Is there a way to mount encfs in order to preserve ownership?
Is there a way for my home folder to not be automatically mounted when i log in? And for that matter a way to change the password from my log in password to something else?
View 2 Replies View RelatedI started up my machine this morning and entered my password to encfs as I do each day and was greeted with a message telling me my password was incorrect. I tried several times, checked caps lock but no joy.
The message (which I didn't copy and paste unfortunately) mentioned ssl and I remembered that openssl was one of the security patches I applied at the weekend. So I removepkg'd the two openssl packages (v0.9.8m) and then installpkg'd the original ones that came with slackware 13.0 (v0.9.8k).
