From ArchWiki
Jump to: navigation, search

From gocryptfs:

gocryptfs uses file-based encryption that is implemented as a mountable FUSE filesystem. Each file in gocryptfs is stored one corresponding encrypted file on the hard disk.
The highlights are: Scrypt password hashing, GCM encryption for all file contents, EME wide-block encryption for file names with a per-directory IV.

See the gocryptfs project home for further introduction of its features, benchmarks, etc. See Disk encryption#Comparison table for an overview of alternative methods and EncFS for the direct alternative.


Install gocryptfsAUR or gocryptfs-gitAUR.

As a FUSE filesystem, gocryptfs is fully configurable by the user and stores its configuration files in the user's directory paths.


See gocryptfs(1) and its examples first.

  • To achieve its design goal of authenticated encryption, gocryptfs implements a AES-EME encryption mode (for filenames, not the content). While this mode is not widely used/audited yet, it offers integrity protection for the data, a feature not available for direct alternative encryption methods.
  • See the project's tracking bug report regarding findings of the first security audit for more information.
Tip: Execute gocryptfs -speed to test throughput for available encryption methods. Note the slowest AES-SIV-512-Go mode is required (and automatically selected) for reverse mode.

Example using reverse mode

A major application for file-based encryption methods are encrypted backups. FUSE-based filesystems are flexible for this, since they allow a wide array of backup destinations using standard tools. For example, a gocryptfs-encrypted FUSE mount point can be easily created directly on a Samba/NFS share or Dropbox location, synchronized to a remote host with rsync, or just be manually copied to a remote backup storage.

The reverse mode of gocryptfs is particularly useful for creating encrypted backups, since it requires virtually no extra storage capacity on the machine to back up.

The following shows an example of user archie creating a backup of /home/archie:

First, archie creates an empty directory for the encrypted view:

$ mkdir /tmp/crypt.archie

Second, user archie creates an encrypted view of the home directory:

$ gocryptfs -reverse /home/archie /tmp/crypt.archie
Decrypting master key

Your master key is:
Filesystem mounted and ready.

Third, archie creates a backup of the encrypted directory, a simple local copy for this example:

$ cp -a /tmp/crypt.archie /tmp/backup.archie

and done.

The encrypted directory can stay mounted for the user session, or be unmounted manually:

$ fusermount -u /tmp/crypt.archie
$ rmdir /tmp/crypt.archie

To restore from the encrypted backup, a plain-text view is mounted using gocryptfs's normal mode:

$ mkdir /tmp/restore.archie
$ gocryptfs /tmp/backup.archie /tmp/restore.archie
Decrypting master key
Filesystem mounted and ready.

Now the required files can be restored.

See also

  • A first security audit of gocryptfs
  • RFC5297 Synthetic Initialization Vector (SIV) Authenticated Encryption Using the Advanced Encryption Standard (AES)