Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 26 Sep 2017, 10:48
All times are UTC - 4
 Forum index » Advanced Topics » Cutting edge
Dircrypt - manage a single encrypted directory
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [9 Posts]  
Author Message
gyro

Joined: 28 Oct 2008
Posts: 1401
Location: Brisbane, Australia

PostPosted: Fri 03 Feb 2017, 13:32    Post subject:  Dircrypt - manage a single encrypted directory
Subject description: In a savefile, savefolder, save partition, /mnt/home
 

Edit:
Upgraded to "dircrypt-0.2.sfs". Added check for non empty directories in the "Setup" code.

The attached "dircrypt-0.2.sfs" contains dircrypt, a utility to manage a single encrypted directory.

For a screen shot, and information about dircrypt, please visit https://www.fishprogs.software/puppy/dircrypt/dircrypt_help.html.

Features:
Dircrypt does not encrypt a savefile, it encrypts a directory, any directory. So it can be a subdirectory of any savefie or savefolder or save partition or somewhere outside the aufs stack in /mnt/home.
As you can choose the directory you can therefore choose to include only the files that need encryption in that directory. (What's so secret about the contents of a .pet?)
Since it can be outside and savefile or savefolder, it can be accessed by many puppies.
Dircrypt is designed to work with a number of different encryption software, although in it's first version it supports only "encfs" and "gocryptfs".

Notes on using:

Dircrypt uses yad (Yet Another Dialog) to implement it's GUI. So you will need yad version > 0.26.0 installed.
Some puppies contain yad, but unfortunately some of these are yad 0.12.4. Other puppies have yad available via the Puppy Package Manager, and the ones I saw were either version 0.27.0 or 0.36.2.
The goodnews is that yad is easy to compile from soure.
To determine if you have a useable yad, type "yad --version" into a console.

To encrypt things you need encryption software, for this version of dircrypt that means encfs. Fortunately many puppies have encfs available via the PPM.
I have successfully used encfs version 1.7.4 and encfs version 1.9.1. (I compiled version 1.9.1 from source.)
Although encfs is also easy to compile from source.

An sfs containing 32 bit binaries of yad and encfs can be downloaded from https://www.fishprogs.software/puppy/dircrypt/yad_encfs_bin32-0.1.sfs.
An sfs containing 64 bit binaries of yad and encfs can be downloaded from https://www.fishprogs.software/puppy/dircrypt/yad_encfs_bin64-0.1.sfs.
A 64 bit binary of gocryptfs can be downloaded from https://github.com/rfjakob/gocryptfs/releases/download/v1.2/gocryptfs_v1.2_debian8_amd64.tar.gz.

On first run, you won't immediately get to the main screen.
The first dialog will provide an oportunity to choose the encryption software to use. It will offer both encfs or gocryptfs, but don't bother choosing gocryptfs.
The next dialog is to choose the level of encryption, if the choosen software supports it. In the "encfs" case that means choosing beteen "standard" and "paranoia", "standard" produces a 192 bit key, "paranoia" produces a 256 bit key, but may be a bit slower.
Then if encfs is found on your puppy you will see the main screen, a single column of buttons. Click on a button, to run a script to do what the button says. If you haven't browsed the help url above, then I suggest you click on the "Help" button. The "status" button is useful, as it shows you what has already been done.

Both encfs and gocryptfs require the 2 directories to be different. So you can directly access the encrypted files in the encrypted directory. To minimise this you can specify the encrypted directory as hidden e.g. "/path/to/.crypt_stuff".

Edit:
The 32bit binaries provided above were compiled on tahr 6.0.5.
The 64bit binaries provided above were compiled on tahr64 6.0.5.

The yad source is available from https://sourceforge.net/projects/yad-dialog/files/.
The encfs source is available from https://github.com/vgough/encfs/tarball/master.

gyro
dircrypt-0.2.sfs.gz
Description  gunzip to produce sfs file
gz

 Download 
Filename  dircrypt-0.2.sfs.gz 
Filesize  26 KB 
Downloaded  45 Time(s) 

Last edited by gyro on Sat 04 Feb 2017, 08:49; edited 3 times in total
Back to top
View user's profile Send private message 
Keef


Joined: 20 Dec 2007
Posts: 849
Location: Staffordshire

PostPosted: Fri 03 Feb 2017, 16:19    Post subject:  

Working ok on Slacko 6.9.6.4 using the encfs sfs.
Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.
It does exist though, and works as expected.

Starting from terminal:
Code:
# dircrypt
encfsctl: /lib/libcrypto.so.1.0.0: no version information available (required by encfsctl)
encfsctl: /lib/libssl.so.1.0.0: no version information available (required by encfsctl)
encfs: /lib/libcrypto.so.1.0.0: no version information available (required by encfs)
encfs: /lib/libssl.so.1.0.0: no version information available (required by encfs)


No other output. As I said, everything is working correctly as far as I can tell.
Screenshot(3).jpg
 Description   
 Filesize   38.85 KB
 Viewed   330 Time(s)

Screenshot(3).jpg

Back to top
View user's profile Send private message 
gyro

Joined: 28 Oct 2008
Posts: 1401
Location: Brisbane, Australia

PostPosted: Fri 03 Feb 2017, 20:56    Post subject:  

Keef wrote:
Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.
I've seen this error message, but only very rarely. I wonder if it's a timing issue.
I've noticed that if you choose "paranoia" level encryption, it takes significantly longer to mount.
The strange thing is that the plaintext directory is a real normal directory. It's the contents of the plaintext directory that don't actually exist on disk.
Keef wrote:
Starting from terminal:
Code:
# dircrypt
encfsctl: /lib/libcrypto.so.1.0.0: no version information available (required by encfsctl)
encfsctl: /lib/libssl.so.1.0.0: no version information available (required by encfsctl)
encfs: /lib/libcrypto.so.1.0.0: no version information available (required by encfs)
encfs: /lib/libssl.so.1.0.0: no version information available (required by encfs)
I have never seen these warning messages, and I have quite frequently ran dircrypt from a terminal.
If you are using my encfs binaries, it could be a difference between Slacko and Ubuntu, I compiled the 32 bit binaries on tahrpup 6.0.5. (I should add a note to that effect in first post.)
Compiling on Slacko might make a difference.

Thanks for testing.

gyro
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 2872

PostPosted: Sat 04 Feb 2017, 02:18    Post subject:  

Did a very fast careless test and manage to wipe both the folder I was trying to encrypt and my home folder (no harm was just a test).
Caveat, you might want to add a check to make sure that the mount point is really empty. Also if mount fails, to eliminate the mount point info.
Finally you may want to add an (obvious) option to decrypt the folder.

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
gyro

Joined: 28 Oct 2008
Posts: 1401
Location: Brisbane, Australia

PostPosted: Sat 04 Feb 2017, 08:05    Post subject:  

mavrothal wrote:
Caveat, you might want to add a check to make sure that the mount point is really empty.
I'll add checking that both directories are in fact empty before proceeding, in the "Setup" code.
mavrothal wrote:
Finally you may want to add an (obvious) option to decrypt the folder.
I don't understand this statement.
With encryption facilities like "encfs" and "gocryptfs", you don't decrypt the directory, you mount the encrypted directory as the plaintext directory, then access the apparently decrypted files via the plaintext directory.

Normal creation method:
1) Define 2 empty directories, one will be encrypted one will be plaintext.
2) "Setup and Mount encrypted stash"
3) Add plaintext files to the plaintext directory. They will actually be stored on disk as encrypted files in the encrypted directory.
4) "Unmount encrypted stash"

Normal access method:
1) "Mount encrypted stash"
2) Access the apparently decrypted files in the plaintext directory.
3) "Unmount encrypted stash"

gyro
Back to top
View user's profile Send private message 
gyro

Joined: 28 Oct 2008
Posts: 1401
Location: Brisbane, Australia

PostPosted: Sat 04 Feb 2017, 08:51    Post subject:  

Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro
Back to top
View user's profile Send private message 
smokey01


Joined: 30 Dec 2006
Posts: 2645
Location: South Australia

PostPosted: Sat 04 Feb 2017, 17:58    Post subject:  

gyro wrote:
Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro


@gyro have you seen folderenc in fd710? It's a RoxApp.

_________________
Software <-> Distros <-> Tips <-> Newsletters
Back to top
View user's profile Send private message Visit poster's website 
gyro

Joined: 28 Oct 2008
Posts: 1401
Location: Brisbane, Australia

PostPosted: Sun 05 Feb 2017, 12:49    Post subject:  

smokey01 wrote:
@gyro have you seen folderenc in fd710? It's a RoxApp.
No
gyro
Back to top
View user's profile Send private message 
smokey01


Joined: 30 Dec 2006
Posts: 2645
Location: South Australia

PostPosted: Sun 05 Feb 2017, 19:03    Post subject:  

gyro wrote:
smokey01 wrote:
@gyro have you seen folderenc in fd710? It's a RoxApp.
No
gyro

It works very well in FD710 so it may help you solve your problem.
Cheers

_________________
Software <-> Distros <-> Tips <-> Newsletters
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [9 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0473s ][ Queries: 14 (0.0038s) ][ GZIP on ]