Source

gnome-encfs / README

Full commit
-*- markdown -*-

gnome-encfs
===========

*gnome-encfs* integrates [EncFS][1] folders into the GNOME desktop by storing
their passwords in the [keyring][2] and optionally mounting them at login using
GNOME's autostart mechanism.

*gnome-encfs* allows you to use strong passwords for EncFS folders while still
mounting them painlessly (i.e. no password prompt).
This is an advantage over automount solutions like *pam-encfs* and *pam-mount*
which require to use the same password for EncFS folders as for your local user
account. This is bad because local account passwords usually are weaker than
those one should use for encrypting online stored data, e.g. in a [Dropbox][5].

Download
--------

Download the [package][3] *or* checkout the source:

    $ hg clone http://bitbucket.org/obensonne/gnome-encfs

Installation
------------

    $ cd /path/to/gnome-encfs
    $ install gnome-encfs /usr/local/bin
    
**Note:** You can run *gnome-encfs* right from the extracted package but to make
use of the automount feature at GNOME login, it must be placed somewhere in
*PATH* (as configured during a login to GNOME). Using the install command above
ensures this requirement is fulfilled.

Usage
-----

### Add an EncFS folder

Suppose you have an EncFS folder at `~/.Private.encrypted` which should get
mounted to `~/Private`. Make it known to *gnome-encfs*:

    $ gnome-encfs -a ~/.Private.encrypted ~/Private
    EncFS password: <enter encfs password>
    Mount at login [Y/n]: <say 'y' or 'n'>
    
This adds the EncFS path, its mount location and password to the GNOME keyring
and sets up a GNOME autostart entry to mount it at GNOME login (if enabled).

### Mount an EncFS folder

If you said *y* above to the login mount question, the EncFS folder
gets mounted automatically at GNOME login. If you prefer to mount on demand,
you do that with

     $ gnome-encfs -m ~/Private

which looks up the password in the keyring and does the mounting without
the need to enter the password manually.

Unmount as usual, using *fusermount*:

    $ fusermount -u ~/Private

### Other tasks

You can also  show, edit and remove EncFS folders handled by *gnome-enfs*:

    $ gnome-encfs -h
    
    Usage: gnome-encfs --list
           gnome-encfs --mount [ENCFS-PATH-or-MOUNT-POINT]
           gnome-encfs --add ENCFS-PATH MOUNT-POINT
           gnome-encfs --edit MOUNT-POINT
           gnome-encfs --remove MOUNT-POINT
    
    Painlessly mount and manage EncFS folders using GNOME's keyring.
    
    Options:
      --version            show program's version number and exit
      -h, --help           show this help message and exit
      -l, --list           list all EncFS items stored in keyring
      -m, --mount          mount all or selected EncFS paths stored in keyring
      -a, --add            add a new EncFS item to keyring
      -e, --edit           edit an EncFS item in keyring
      -r, --remove         remove an EncFS item from keyring
    ...

Usage should be straight forward - otherwise [submit an issue][7].

### Automatically unmount EncFS folders on logout

Unfortunately there's no equivalent to GNOME's autostart scripts which could be
used to automatically unmount your EncFS folders on logout (without shutting
down). However, there's a manual solution using a [GDM hook script][gdm]:
`/etc/gdm/PostSession/Default`. Open this file in an editor (requires *root*
privileges) and add this line:

    mount | grep "^encfs" | grep "user=$USER" | awk '{print $3}' | while read MPOINT ; do sudo -u $USER fusermount -u "$MPOINT" ; done

This script is executed whenever you logout from GNOME. With this line, it
looks for mounted EncFS folders of the user currently logging out. Then it
unmounts each, using the `fusermount` command (note that this command is
executed as *root*, that's why there is a `sudo -u $USER` before the
`fusermount` command).

[gdm]: http://library.gnome.org/admin/gdm/stable/configuration.html

License
-------

*gnome-encfs* is licensed as [GPL][6].

[1]: http://www.arg0.net/encfs
[2]: http://live.gnome.org/GnomeKeyring
[3]: http://bitbucket.org/obensonne/gnome-encfs/get/tip.tar.gz
[5]: http://dropbox.com
[6]: http://www.gnu.org/licenses/gpl.html
[7]: http://bitbucket.org/obensonne/gnome-encfs/issues/?status=new&status=open