openDesktop.org :
K-EncFS
Security
If you have a notebook, or personal data on your computer, you really need this application.
Encfs is meant to provide security against off-line attacks; ie your notebook is stolen, your backups are stolen. K-EncFS is a frontend to the EncFS encrypting utility.
K-EncFS has the following dependencies:
* python (>=2.3.5)
* python-qt3 (pyQt, >=3.15)
* python-KDE (pyKDE, tested version: 3.11.3)
* EncFS (tested versions: 1.2.4, 1.3.1) and its dependencies:
* FUSE (tested version: 2.6.1)
* RLog (a C++ logging library, tested versions: 1.3.6, 1.3.7)
* OpenSSL (versions 0.9.6, 0.9.7 and 0.9.8 have been tested.)
Visit the following home pages to download these dependencies:
http://arg0.net/encfs or http://encfs.sourceforge.net/
http://fuse.sourceforge.net/
http://arg0.net/wiki/rlog
http://www.openssl.org/
NOTE for Debian users: These utilities are included in Debian. You need not download and compile anything. Do not remove the line inserting fuse from the file /etc/modules! If you use Ubuntu, it must work from Dapper (it has not been tested).
NOTE for openSuSE 10.2 users: Just install encfs with its dependencies! Do not remove the line inserting fuse from the file /etc/modules! If you enter the wrong password, only a short notification will appear in the "Messages" box. It is because of a bug in your distribution packages.
Use the INSTALL and UNINSTALL scripts if the enclosed packages are not match to your system!
If kde-config fails to work, edit the line 23 of the INSTALL and the line 15 of the UNINSTALL file. The variable KDEINSTPREFIX is the installation directory of KDE, e.g. KDEINSTPREFIX="/opt/kde3" or KDEINSTPREFIX="/opt/kde3.5".
If you want to migrate from kencfs to kencfs2, copy the content of the folder pops-up with kencfs to the folder pops-up with kencfs2. Do not move the encrypted folder! The path is a parameter of the encryption method.
Please do a comprehensive test before using this encryption utility!
From the version 2.1, K-EncFS can mount the encrypted file system during KDE startup, so the previous tastks can be restored by KDE. (For more info read the file /usr/local/lib/kencfs2/startkde/readme.startkde)
A known problem if you patch the startkde script:
On SuSE 10.3, the startups screen waits about 1 min. if you use the default splash screen. You can press the left mouse button, or you can choose another splash screen.
----- K-EncFS is released under the license of GPL -----
GILDE project (Graphical Interfaces to Learn Debian Easily).
(C) Big-Cat Software Association, 2007.
The picture file_locked.png is from the iconset SnowIsh-1.0 created by Alexandre Moore (aka Saki), compiled for KDE by Arno Rehn. (SnowIsh for KDE was merged with NuoveXT (from Saki) to fit better with KDE.)
10 years ago
Changelog for version 2.1 (kencfs2)
- K-EncFS starts automatically, if you left it on the systemtray.
- Mount encrypted file system during KDE startup in order to restore your works in the encrypted file system. (Requires editing the startkde script.)
Changelog for version 2.0 (kencfs2)
- Encoding options.
- New folder for encrypted files.
- Improved operation.
- Generic install and uninstall scripts were improved.
NOTE: There are two versions of K-EncFS: kencfs and kencfs2. You can use them simultaneously. Only kencfs2 will be maintained.
Changelog for version 1.1
- Generic install and uninstall scripts were added.
- Tooltips.
- Improved error messages.
10 years ago
Changelog for version 2.1 (kencfs2)
- K-EncFS starts automatically, if you left it on the systemtray.
- Mount encrypted file system during KDE startup in order to restore your works in the encrypted file system. (Requires editing the startkde script.)
Changelog for version 2.0 (kencfs2)
- Encoding options.
- New folder for encrypted files.
- Improved operation.
- Generic install and uninstall scripts were improved.
NOTE: There are two versions of K-EncFS: kencfs and kencfs2. You can use them simultaneously. Only kencfs2 will be maintained.
Changelog for version 1.1
- Generic install and uninstall scripts were added.
- Tooltips.
- Improved error messages.
anthonyt
6 years ago
The problem is that they all like to create 'icon' files which typically get stored in a sub-directory of your home, outside the encrypted file system.
If someone was to steal your laptop, or break into your machine they can get a really good idea of what you have encrypted by just looking at these icons.
Even if you don't have images, movies, or postscript files in your encrypted folder, that generates visible thumbnails, the black hats can still get an idea of what file names you are using from the thumbnails and any possible browsing history it may keep.
Even with command line shells you need to keep in mine shell history, and take appropriate measures to protect yourself. Same goes for editors that could make use of /tmp.
Now don't get me wrong. I use EncFS a lot, and not just for files I want secure, but for a lot of less important files too (the more you have the the harder it is to separate the craff or fake un-decipherable data). But you can't just use it blindly.
Report
SkyQuakes
8 years ago
Report
trisz
8 years ago
I hate the thumbs files on my cd-s, and i hate...
(KDE4 is not intended for the daily usage but it is only for the design.)
I must find a stupid solution for this problem.
Report
reggol2
8 years ago
this error:
User specific directories for K-EncFS are present
User specific encrypted directory for K-EncFS present
Traceback (most recent call last):
File "/usr/bin/kencfslink", line 17, in <module>
from qt import *
ImportError: No module named qt
Any workaround?
Report
trisz
8 years ago
python-kde,
...
see the dependencies!
Report
ssabchew
8 years ago
Could somebody provide a source rpm?
Report
trisz
8 years ago
Every distro have a surprise in store for you. There is a serious risk concerning your data if you use it.
Report
frenchrh
9 years ago
Report
trisz
9 years ago
I forget it after I have finished my work with the frontend.
Much more serious problem is the backward compatibility...
I have to check the application regularly, and to correct it. I created this application for you, but this does not apply for encfs.
Report
SkyQuakes
9 years ago
User specific directories for K-EncFS are present
User specific encrypted directory for K-EncFS present
/usr/bin/kencfs2: line 36: kencfslink: command not found
Report
trisz
9 years ago
/usr/bin/kencfslink
really missing after the installation?
(It was copied by the install script.
Please copy it manually from the tgz to the target directory!)
Report
peewen
9 years ago
can use kencsfs2 to external drive(hd usb)?
Report
trisz
9 years ago
It is for folders.
In this state of my app you cannot modify the encrypted folder. It could be a future feature.
Report
praedor
9 years ago
I have worked through a number of error messages myself but have finally become stymied on this one:
User specific directories for K-EncFS are present
User specific encrypted directory for K-EncFS present
/usr/bin/kencfs2: line 52: 9966 Segmentation fault /usr/local/bin/kencfslink
I have encrypted files but can no longer access them because kencfs2 no longer works.
Report
praedor
9 years ago
open("/usr/lib/python2.5/site-packages/sip.so", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0755, st_size=60980, ...}) = 0
open("/usr/lib/python2.5/site-packages/sip.so", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0 \0\000"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=60980, ...}) = 0
mmap2(NULL, 59912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xb7a93000
mmap2(0xb7aa1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xe) = 0xb7aa1000
close(5) = 0
close(4) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Process 10590 detached
Report
trisz
9 years ago
encfs (your home directory)/.kencfs2/.encrypted (your home directory)/.kencfs2/encrypted -S
Similar problem were reported on 1 of Nov 2007. I uploaded the new version 2.1 on 17 of Dec 2007.
Which version do you use?
Report
unknownkde
9 years ago
Im using Opensuse 10.2
I get the following message:
ImportError: No module named kdecore
Kdebindings is installed
What went wrong?
Report
trisz
9 years ago
the previous release on 10.2.
The kdecore is the most important part of python-kde. It is not installed, or the wrong version installed (not for SuSE 10.2), the postinstallation script failed...
Try to reinstall it.
Report
praedor
9 years ago
/usr/bin/kencfs2: line 52: 22227 Segmentation fault python /usr/local/lib/kencfs2/kencfs.py
Report
trisz
9 years ago
Try from the konsole:
python /usr/local/lib/kencfs2/kencfs.py
What kind of error message appears?
Report
kaidokert
10 years ago
- ability to set my own mount point, in my case i was used to ~/sources ( dont ask )
- ability to mount the filesystem before the rest of the KDE session is restored during login
For example, if, before logout, i had a Kate session open with several files from the encrypted directory, kate will come up with blank files before i mount the dir. I know this is fundamentally much more difficult to do... maybe if Kencfs was integrated with KDE wallet instead ? KDE wallet seems to behave quite nice with the rest of the apps (Kopete, KMail etc )
Now i am still back to mounting the filesystem from a virtual terminal before actually logging in with KDE.
two bash aliases do the job, one for mounting other for unmounting
Report
trisz
10 years ago
EncFS can use your login password for KDE to mount the encrypted file system, but in this case your data is protected by the same way as your computer generally.
Boot from a live CD, change the file /etc/... (stores your password hash), and your encrypted file system is... does not really protect your data.
There is not any other way to restore your kate sessions automatically.
The question: safety or confort?
Report
kaidokert
10 years ago
Similarly as KDE Wallet does not use the same password as login.
By the way, there is a libpam-encfs package that could probably be used for more flexible authentication option, i did not try to use that yet.
Here is what i am doing right now after bootup:
when kde login comes up, i switch to virtual terminal ( alt+f1 )
login from there
mount the encfs directory using bash alias and input my long-and-secure encryption password
switch back to KDE screen, ALT+F7
login
KDE will restore my session, including all open files ( CodeBlocks workspaces, Kate files, etc. etc. ) from the secure disk
Report
trisz
10 years ago
I studied the kwalletmanager on two systems. It works on neither of them. On SuSE 10.2, it does not accept the correct password.
On debian ETCH, I cannot access any folder. Panes are missing...
I cannot apply such a buggy application.
Please explain me, how can you use this application on your system?
EncFS cannot restore anything concerning a KDE session. There are not any feature to do this.
We need an application with the ability of delaying the system tray activation untill you enter your password.
I think, it could not be a KDE application, because it relies on KDE. A KDE application cannot work before KDE starts.
Patching kdm could be a good solution. (Please send the KDE team a feature request!)
I cannot understand your problem with the directories. EncFS uses two directories. One for the encrypted data. You need not acces it directly. The other is a virtual folder, it must be empty before mounting the fs. You cannot pass any data directly into this folder. It is a file system, not separate resistant encrypted files. If you do not like the name of the folder, you can edit the file /media/hdc2/usr/local/lib/kencfs2/kencfs.py.
Change the value of the variables self.user_dot_encrypted and self.user_encrypted! Then, edit the start script /usr/bin/kencfs2!
Report
v01z
10 years ago
Report