Almost all cloud storage services encrypt customers data, however this doesn’t mean that the privacy of this data is protected enough.
The most of those services also manage the keys used for encryption, that means that your encrypted folder can be decrypted not only by you.
In this article i will show make a private encrypted cloud storage solution based on Dropbox with on-the-fly encryption.
I will show how to encrypt files and folders in Dropbox by yourself using EncFS for Linux.
Cool Tip: Want to keep safe your private data? Create a password protected ZIP file from the Linux command line! Read more →
Dropbox Encryption
Create an account in Dropbox and install the Dropbox client for Linux.
Install EncFS:
$ sudo apt-get install encfs
Create a new EncFS encrypted volume:
$ encfs ~/Dropbox/.encrypted ~/DropboxDecrypted
This command will create two directories:
~/Dropbox/.encrypted – is the hidden folder where you will store encrypted versions of your files. The encrypted content of this folder will be synced by Dropbox.~/DropboxDecrypted – is the folder (mount point) with decrypted versions of your files.Important: Do not create files directly in ~/Dropbox/.encrypted! The content of this folder will be synced by Dropbox as it is! Work only inside ~/DropboxDecrypted!
During setup EncFS will ask you several questions.
You can enter "p" to choose very secure setup (paranoia mode), or enter "x" if you want to configure EncFS manually (expert mode).
At the very end you will be asked to create a password.
When configuration is finished, EncFS will create an .xml file inside the encrypted Dropbox folder with the information about selected cipher, key, etc.
Important: If you want to be able to recover your encrypted Dropbox files – don’t forget the password and don’t loose the ~/Dropbox/.encrypted/.encfs6.xml file.
Finally EncFS decrypts the content of the ~/Dropbox/.encrypted folder and mounts it to the ~/DropboxDecrypted mount point.
You can check this by running the following command:
$ mount | grep DropboxDecrypted encfs on /home/username/DropboxDecrypted type fuse.encfs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000,default_permissions)
To unmount encrypted Dropbox folder, run:
$ umount ~/DropboxDecrypted
To remount it back again, run:
$ encfs ~/Dropbox/.encrypted ~/DropboxDecrypted
Cool Tip: Encrypt files and messages with a password from the Linux command line, using OpenSSL! Read More →
If you want to auto-mount encrypted Dropbox folder at user login, you can add the following line to your ~/.profile file:
# Mount Dropbox Encrypted Cloud Storage echo "passw0rd" | encfs -S ~/Dropbox/.encrypted ~/DropboxDecrypted
be aware that using paranoid mode of encfs with dropbox may cause data corruption if the paths of the files changes (renaming dirs). search for dropbox note in the github page of the project.