Today we all use services of cloud storage, Whether Dropbox, Google Drive, onedrive (from Microsotf) or others, and the truth is that at least the best known are very secure and in general our data will be well protected. That, of course, unless someone can take over ours access data, Something that has already happened several times and not long ago even happened to many celebrities who stored their data in iCloud, the cloud service that Apple offers users of iPhones, iPads and MacBooks.
The problem is that a server may have security flaws i expose our data although we jealously guard the login details. Of course, sometimes this data may be available if we do not use it carefully (for example when logging in from unsafe networks or equipment) and in case someone obtains it can be done with full control of our account and of course, access to all the information we have stored in it, with results that can be catastrophic if it were of importance.
That’s why we’re going to show you a way to protect ourselves a little more in the ‘ encrypt local folders and then sync them with any cloud service, Whatever our preference but if the information is important it is preferable to rely on those of major companies as they guarantee a little more seriousness in addition to knowing that they are difficult to disappear overnight. When performing this task everything we upload to the cloud will be encrypted, so even if someone could access our data they won’t be able to use or know what it’s about.
To start what we need is to use some encryption tool, And that’s why we’re going to rely on encfs, An open source software available in most Linux distributions and that works differently from TrueCrypt because instead of creating an encrypted container – in which the actual data is not when we ‘remove’ them out of the-here what is done is encrypt each file individually within a folder specified by us.
This folder will be synchronized automatically by encfs from the data we store in another folder, in which all the information will be unencrypted. Of course, the folder to sync with a cloud service is the first, which has its data encrypted, but in case all this information is confusing – or I was when I wrote these lines – we will review the encfs operation:
- We create a folder, preferably in our personal folder, in which we will save the data unencrypted.
- We create a folder, within the on-premises folder that synchronizes with our service in the cloud of preference, in which we will have the data encrypted. This folder is created by encfs and by default it is called ‘Private’.
- We are asked for a password, which we must create and make sure we remember because without it we irreversibly lose access to our data.
- We move, copy or create in the step 1 folder everything we are going to want to protect.
- Encfs is responsible for automatically synchronizing with the folder created in step 2, encrypting and letting the cloud service take care of uploading it to its servers.
Now that we have it a little clearer we install encfs:
# Apt-get install encfs
We run encfs:
encfs ~ / Dropbox / encrypted ~ / Private
We told encfs which folder will contain the encrypted data, if the folder does not exist we will be asked if we want to create it. You will be notified that the ~ folder will be created/ Private, Where the data will go unencrypted, and finally we will be asked to select the expert configuration level (x) or a default one (p) which is already secure enough. Then, as we see in the image above, we are warned that it is going to to create a password to protect encrypted data, Which we can change later by ordering encfsctl.
That’s it, we can now start saving things in the Private folder, and let encfs take over your task and cloud service (e.g. Dropbox) from yours). But there are some issues to consider:
- The Private folder will not be mounted by default after logging in to our computer, until we do as in step 1 above: # Encfs encrypted folder carpetasinencrypt.
- Inside the encrypted folder, the one we use to sync, is a file called .encfs6.xml. If we delete this file we will lose access to our data forever, so it would be convenient to have a backup of it.
- We can use encfs on as many computers as we wantTo do this, simply install the same storage service in the cloud, let it synchronize files to a local folder, which will be encrypted, and run the initial command to synchronize the on-premises folder with / home / user / Private, where we will finally see them.
To summarize, this is an interesting solution, quite simple to use and available in major Linux distributions, which allows us to enjoy a little more security and peace of mind if we are going to store important data in the cloud.