(old)Puppy Linux Discussion Forum

Edit:
Upgraded to "dircrypt-0.3.sfs".

Edit:
Upgraded to "dircrypt-0.2.sfs". Added check for non empty directories in the "Setup" code.

The attached "dircrypt-0.2.sfs" contains dircrypt, a utility to manage a single encrypted directory.

For a screen shot, and information about dircrypt, please visit https://www.fishprogs.software/puppy/di ... _help.html.

Features:
Dircrypt does not encrypt a savefile, it encrypts a directory, any directory. So it can be a subdirectory of any savefie or savefolder or save partition or somewhere outside the aufs stack in /mnt/home.
As you can choose the directory you can therefore choose to include only the files that need encryption in that directory. (What's so secret about the contents of a .pet?)
Since it can be outside and savefile or savefolder, it can be accessed by many puppies.
Dircrypt is designed to work with a number of different encryption software, although in it's first version it supports only "encfs" and "gocryptfs".

Notes on using:

Dircrypt uses yad (Yet Another Dialog) to implement it's GUI. So you will need yad version > 0.26.0 installed.
Some puppies contain yad, but unfortunately some of these are yad 0.12.4. Other puppies have yad available via the Puppy Package Manager, and the ones I saw were either version 0.27.0 or 0.36.2.
The goodnews is that yad is easy to compile from soure.
To determine if you have a useable yad, type "yad --version" into a console.

To encrypt things you need encryption software, for this version of dircrypt that means encfs. Fortunately many puppies have encfs available via the PPM.
I have successfully used encfs version 1.7.4 and encfs version 1.9.1. (I compiled version 1.9.1 from source.)
Although encfs is also easy to compile from source.

An sfs containing 32 bit binaries of yad and encfs "yad_encfs_bin32-0.1.sfs" and an sfs containing 64 bit binaries of yad and encfs "yad_encfs_bin64-0.1.sfs" can be
downloaded from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt.
A 64 bit binary of gocryptfs can be downloaded from https://github.com/rfjakob/gocryptfs/re ... d64.tar.gz.

On first run, you won't immediately get to the main screen.
The first dialog will provide an oportunity to choose the encryption software to use. It will offer both encfs or gocryptfs, but don't bother choosing gocryptfs.
The next dialog is to choose the level of encryption, if the choosen software supports it. In the "encfs" case that means choosing beteen "standard" and "paranoia", "standard" produces a 192 bit key, "paranoia" produces a 256 bit key, but may be a bit slower.
Then if encfs is found on your puppy you will see the main screen, a single column of buttons. Click on a button, to run a script to do what the button says. If you haven't browsed the help url above, then I suggest you click on the "Help" button. The "status" button is useful, as it shows you what has already been done.

Both encfs and gocryptfs require the 2 directories to be different. So you can directly access the encrypted files in the encrypted directory. To minimise this you can specify the encrypted directory as hidden e.g. "/path/to/.crypt_stuff".

Edit:
The 32bit binaries provided above were compiled on tahr 6.0.5.
The 64bit binaries provided above were compiled on tahr64 6.0.5.

The yad source is available from https://sourceforge.net/projects/yad-dialog/files/.
The encfs source is available from https://github.com/vgough/encfs/tarball/master.

gyro

Working ok on Slacko 6.9.6.4 using the encfs sfs.
Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.
It does exist though, and works as expected.

Starting from terminal: No other output. As I said, everything is working correctly as far as I can tell.

Keef wrote:Only issue is that when I mount the plaintext directory and click on it, I get an
"Error scanning '/mnt/home/hold': Can't stat directory: No such file or directory" dialogue box.

I've seen this error message, but only very rarely. I wonder if it's a timing issue.
I've noticed that if you choose "paranoia" level encryption, it takes significantly longer to mount.
The strange thing is that the plaintext directory is a real normal directory. It's the contents of the plaintext directory that don't actually exist on disk.

Keef wrote:Starting from terminal:

Code: Select all

# dircrypt 
encfsctl: /lib/libcrypto.so.1.0.0: no version information available (required by encfsctl)
encfsctl: /lib/libssl.so.1.0.0: no version information available (required by encfsctl)
encfs: /lib/libcrypto.so.1.0.0: no version information available (required by encfs)
encfs: /lib/libssl.so.1.0.0: no version information available (required by encfs)

I have never seen these warning messages, and I have quite frequently ran dircrypt from a terminal.
If you are using my encfs binaries, it could be a difference between Slacko and Ubuntu, I compiled the 32 bit binaries on tahrpup 6.0.5. (I should add a note to that effect in first post.)
Compiling on Slacko might make a difference.

Thanks for testing.

gyro

Did a very fast careless test and manage to wipe both the folder I was trying to encrypt and my home folder (no harm was just a test).
Caveat, you might want to add a check to make sure that the mount point is really empty. Also if mount fails, to eliminate the mount point info.
Finally you may want to add an (obvious) option to decrypt the folder.

mavrothal wrote:Caveat, you might want to add a check to make sure that the mount point is really empty.

I'll add checking that both directories are in fact empty before proceeding, in the "Setup" code.

mavrothal wrote:Finally you may want to add an (obvious) option to decrypt the folder.

I don't understand this statement.
With encryption facilities like "encfs" and "gocryptfs", you don't decrypt the directory, you mount the encrypted directory as the plaintext directory, then access the apparently decrypted files via the plaintext directory.

Normal creation method:
1) Define 2 empty directories, one will be encrypted one will be plaintext.
2) "Setup and Mount encrypted stash"
3) Add plaintext files to the plaintext directory. They will actually be stored on disk as encrypted files in the encrypted directory.
4) "Unmount encrypted stash"

Normal access method:
1) "Mount encrypted stash"
2) Access the apparently decrypted files in the plaintext directory.
3) "Unmount encrypted stash"

gyro

Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro

gyro wrote:Upgraded to "dircrypt-0.2.sfs".
Added check for non empty directories in the "Setup" code.
See first post for download.
gyro

@gyro have you seen folderenc in fd710? It's a RoxApp.

smokey01 wrote:@gyro have you seen folderenc in fd710? It's a RoxApp.

No
gyro

gyro wrote:

smokey01 wrote:@gyro have you seen folderenc in fd710? It's a RoxApp.

No
gyro

It works very well in FD710 so it may help you solve your problem.
Cheers

"dircrypt-0.3.sfs" is available for download.

For a screen shot, and information about dircrypt, please visit https://www.fishprogs.software/puppy/di ... _help.html.

This version has been updated to work with the "gocryptfs" avaiable in the Puppy Package Manager of recent upups.
And the 64bit "gocryptfs" available from https://github.com/rfjakob/gocryptfs/releases.
Of course it still supports the "encfs" found in the Puppy Package Manager of many Puppies.

This version includes, and uses, it's own copies of "yad" binaries, both 32bit and 64bit.
This is so that it will work "out of the box", even in Puppies with rather ancient versions of "yad".
Unfortunately this means that it's a lot bigger (144MiB), and hence not attached here.

To use:

1. Install "gocryptfs" or "encfs".
To use the 64bit "gocryptfs" from https://github.com/rfjakob/gocryptfs/releases,
extract the tar.gz file, and then move the "gocryptfs" binary file to "/root/my-applications/bin/".
If you can't obtain "gocryptfs" and there's no "encfs" available via your Puppy Package Manager,
then you can download a 32bit "encfs" as "yad_encfs_bin32-0.1.sfs"

2. Download "dircrypt-0.3.sfs" and then load it as an extra sfs.

3. In the menu select "Filesystem -> Dircrypt encrypt directory".

Edit: The files "dircrypt-03.sfs" and "yad_encfs_bin32-0.1.sfs", can be downloaded from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt

gyro

As an alternative source of 32bit "encfs", download "encfs_bin32.tar.gz" from http://www.mediafire.com/folder/2scl6j5e09xxb/dircrypt.
Extract the tar.gz file, and then move the "encfs" and "encfsctl" binary files to "/root/my-applications/bin/".

gyro

Moved download files to "mediafire".

gyro