Dircrypt - manage a single encrypted directory

Under development: PCMCIA, wireless, etc.
Post Reply
Message
Author
gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

Dircrypt - manage a single encrypted directory

#1 Post by gyro »

Edit:
Upgraded to "dircrypt-0.3.sfs".

Edit:
Upgraded to "dircrypt-0.2.sfs". Added check for non empty directories in the "Setup" code.

The attached "dircrypt-0.2.sfs" contains dircrypt, a utility to manage a single encrypted directory.

For a screen shot, and information about dircrypt, please visit https://www.fishprogs.software/puppy/di ... _help.html.

Features:
Dircrypt does not encrypt a savefile, it encrypts a directory, any directory. So it can be a subdirectory of any savefie or savefolder or save partition or somewhere outside the aufs stack in /mnt/home.
As you can choose the directory you can therefore choose to include only the files that need encryption in that directory. (What's so secret about the contents of a .pet?)
Since it can be outside and savefile or savefolder, it can be accessed by many puppies.
Dircrypt is designed to work with a number of different encryption software, although in it's first version it supports only "encfs" and "gocryptfs".

Notes on using:

Dircrypt uses yad (Yet Another Dialog) to implement it's GUI. So you will need yad version > 0.26.0 installed.
Some puppies contain yad, but unfortunately some of these are yad 0.12.4. Other puppies have yad available via the Puppy Package Manager, and the ones I saw were either version 0.27.0 or 0.36.2.
The goodnews is that yad is easy to compile from soure.
To determine if you have a useable yad, type "yad --version" into a console.

To encrypt things you need encryption software, for this version of dircrypt that means encfs. Fortunately many puppies have encfs available via the PPM.
I have successfully used encfs version 1.7.4 and encfs version 1.9.1. (I compiled version 1.9.1 from source.)
Although encfs is also easy to compile from source.

An sfs containing 32 bit binaries of yad and encfs "yad_encfs_bin32-0.1.sfs" and an sfs containing 64 bit binaries of yad and encfs "yad_encfs_bin64-0.1.sfs" can be
downloaded from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt.
A 64 bit binary of gocryptfs can be downloaded from https://github.com/rfjakob/gocryptfs/re ... d64.tar.gz.

On first run, you won't immediately get to the main screen.
The first dialog will provide an oportunity to choose the encryption software to use. It will offer both encfs or gocryptfs, but don't bother choosing gocryptfs.
The next dialog is to choose the level of encryption, if the choosen software supports it. In the "encfs" case that means choosing beteen "standard" and "paranoia", "standard" produces a 192 bit key, "paranoia" produces a 256 bit key, but may be a bit slower.
Then if encfs is found on your puppy you will see the main screen, a single column of buttons. Click on a button, to run a script to do what the button says. If you haven't browsed the help url above, then I suggest you click on the "Help" button. The "status" button is useful, as it shows you what has already been done.

Both encfs and gocryptfs require the 2 directories to be different. So you can directly access the encrypted files in the encrypted directory. To minimise this you can specify the encrypted directory as hidden e.g. "/path/to/.crypt_stuff".

Edit:
The 32bit binaries provided above were compiled on tahr 6.0.5.
The 64bit binaries provided above were compiled on tahr64 6.0.5.

The yad source is available from https://sourceforge.net/projects/yad-dialog/files/.
The encfs source is available from https://github.com/vgough/encfs/tarball/master.

gyro
Attachments
dircrypt-0.2.sfs.gz
gunzip to produce sfs file
(26 KiB) Downloaded 526 times
Last edited by gyro on Wed 24 Apr 2019, 18:03, edited 4 times in total.

User avatar
Keef
Posts: 987
Joined: Thu 20 Dec 2007, 22:12
Location: Staffordshire

#2 Post by Keef »

Working ok on Slacko 6.9.6.4 using the encfs sfs.
Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.
It does exist though, and works as expected.

Starting from terminal:

Code: Select all

# dircrypt 
encfsctl: /lib/libcrypto.so.1.0.0: no version information available (required by encfsctl)
encfsctl: /lib/libssl.so.1.0.0: no version information available (required by encfsctl)
encfs: /lib/libcrypto.so.1.0.0: no version information available (required by encfs)
encfs: /lib/libssl.so.1.0.0: no version information available (required by encfs)
No other output. As I said, everything is working correctly as far as I can tell.
Attachments
Screenshot(3).jpg
(38.85 KiB) Downloaded 1000 times

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#3 Post by gyro »

Keef wrote:Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.
I've seen this error message, but only very rarely. I wonder if it's a timing issue.
I've noticed that if you choose "paranoia" level encryption, it takes significantly longer to mount.
The strange thing is that the plaintext directory is a real normal directory. It's the contents of the plaintext directory that don't actually exist on disk.
Keef wrote:Starting from terminal:

Code: Select all

# dircrypt 
encfsctl: /lib/libcrypto.so.1.0.0: no version information available (required by encfsctl)
encfsctl: /lib/libssl.so.1.0.0: no version information available (required by encfsctl)
encfs: /lib/libcrypto.so.1.0.0: no version information available (required by encfs)
encfs: /lib/libssl.so.1.0.0: no version information available (required by encfs)
I have never seen these warning messages, and I have quite frequently ran dircrypt from a terminal.
If you are using my encfs binaries, it could be a difference between Slacko and Ubuntu, I compiled the 32 bit binaries on tahrpup 6.0.5. (I should add a note to that effect in first post.)
Compiling on Slacko might make a difference.

Thanks for testing.

gyro

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#4 Post by mavrothal »

Did a very fast careless test and manage to wipe both the folder I was trying to encrypt and my home folder (no harm was just a test).
Caveat, you might want to add a check to make sure that the mount point is really empty. Also if mount fails, to eliminate the mount point info.
Finally you may want to add an (obvious) option to decrypt the folder.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#5 Post by gyro »

mavrothal wrote:Caveat, you might want to add a check to make sure that the mount point is really empty.
I'll add checking that both directories are in fact empty before proceeding, in the "Setup" code.
mavrothal wrote:Finally you may want to add an (obvious) option to decrypt the folder.
I don't understand this statement.
With encryption facilities like "encfs" and "gocryptfs", you don't decrypt the directory, you mount the encrypted directory as the plaintext directory, then access the apparently decrypted files via the plaintext directory.

Normal creation method:
1) Define 2 empty directories, one will be encrypted one will be plaintext.
2) "Setup and Mount encrypted stash"
3) Add plaintext files to the plaintext directory. They will actually be stored on disk as encrypted files in the encrypted directory.
4) "Unmount encrypted stash"

Normal access method:
1) "Mount encrypted stash"
2) Access the apparently decrypted files in the plaintext directory.
3) "Unmount encrypted stash"

gyro

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#6 Post by gyro »

Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro

User avatar
smokey01
Posts: 2813
Joined: Sat 30 Dec 2006, 23:15
Location: South Australia :-(
Contact:

#7 Post by smokey01 »

gyro wrote:Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro
@gyro have you seen folderenc in fd710? It's a RoxApp.

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#8 Post by gyro »

smokey01 wrote:@gyro have you seen folderenc in fd710? It's a RoxApp.
No
gyro

User avatar
smokey01
Posts: 2813
Joined: Sat 30 Dec 2006, 23:15
Location: South Australia :-(
Contact:

#9 Post by smokey01 »

gyro wrote:
smokey01 wrote:@gyro have you seen folderenc in fd710? It's a RoxApp.
No
gyro
It works very well in FD710 so it may help you solve your problem.
Cheers

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

Dircrypt - version 0.3 is available

#10 Post by gyro »

"dircrypt-0.3.sfs" is available for download.

For a screen shot, and information about dircrypt, please visit https://www.fishprogs.software/puppy/di ... _help.html.

This version has been updated to work with the "gocryptfs" avaiable in the Puppy Package Manager of recent upups.
And the 64bit "gocryptfs" available from https://github.com/rfjakob/gocryptfs/releases.
Of course it still supports the "encfs" found in the Puppy Package Manager of many Puppies.

This version includes, and uses, it's own copies of "yad" binaries, both 32bit and 64bit.
This is so that it will work "out of the box", even in Puppies with rather ancient versions of "yad".
Unfortunately this means that it's a lot bigger (144MiB), and hence not attached here.

To use:

1. Install "gocryptfs" or "encfs".
To use the 64bit "gocryptfs" from https://github.com/rfjakob/gocryptfs/releases,
extract the tar.gz file, and then move the "gocryptfs" binary file to "/root/my-applications/bin/".
If you can't obtain "gocryptfs" and there's no "encfs" available via your Puppy Package Manager,
then you can download a 32bit "encfs" as "yad_encfs_bin32-0.1.sfs"

2. Download "dircrypt-0.3.sfs" and then load it as an extra sfs.

3. In the menu select "Filesystem -> Dircrypt encrypt directory".

Edit: The files "dircrypt-03.sfs" and "yad_encfs_bin32-0.1.sfs", can be downloaded from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt

gyro
Last edited by gyro on Wed 24 Apr 2019, 17:54, edited 1 time in total.

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#11 Post by gyro »

As an alternative source of 32bit "encfs", download "encfs_bin32.tar.gz" from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt.
Extract the tar.gz file, and then move the "encfs" and "encfsctl" binary files to "/root/my-applications/bin/".

gyro

gyro
Posts: 1798
Joined: Tue 28 Oct 2008, 21:35
Location: Brisbane, Australia

#12 Post by gyro »

Moved download files to "mediafire".

gyro

Post Reply