WEDOS Disk – encrypted EncFS

  WEDOS Disk

EncFS Encfs offers the ability to encrypt files, not the partition of your hard disk. Encfs creates transparent encryption space, which is encrypted and kept in the background (On the Fly). Encrypted files are in a specific directory. Everything runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem.

Now we will show instructions for the operating system CentOS and Debian/Ubuntu


A test version of the operating system was CentOS 6.3 64-bit

We expect that WEDOS Disk is connected to the /mnt/wedosdisk via the SMB protocol

  • As first install the EncFS by command
yum install fuse-encfs
  • Next, create a folder for encrypted and decrypted files
mkdir -p /mnt/wedosdisk
mkdir -p home/decrypted
  • The decrypted directory used as the mount point for the encrypted directory. For connection, use this command.
encfs /mnt/wedosdisk home/nesifrovane
  • If you are connecting a directory for the first time, you must set a password for EncFS encrypted volume

Correct setting of the volume looks like this:

Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
? "p"

Paranoia configuration selected.

Here select the option “P”

  • And continue to set a password for the encrypted volume:
Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.

New Encfs Password: your_secret
Verify Encfs Password: your_secret
  • Check the connection of volume

The result can be found in the following statement:

encfs on /mnt/wedosdisk type fuse.encfs (rw,nosuid,nodev,default_permissions)

df -h

The result can be found in the following statement:

encfs 30G 1017M 27G 4% /mnt/wedosdisk
  • Example of an unencrypted directory with the command ls -l

[root@root nesifrovane]# ls -l
total 8
-rw-r–r–. 1 root root 1307 Oct 23 18:23 výroba atomové bomby.txt
-rw-r–r–. 1 root root 1307 Oct 23 18:23 výroba tnt.txt

  • Example of an encrypted directory with the command ls -l

[root@root wedosdisk]# ls -l
total 8
-rw-r–r–. 1 root root 1331 Oct 23 18:23 NdPOzA2s9FgJF1CWmHfaDySz
-rw-r–r–. 1 root root 1331 Oct 23 18:23 RZHOHxrRI9QQzHzul14X,3uJPx8Dc,sEeJVNeaSQJFG501

  • For disconnecting of decrypted volume, use this command
fusermount -u home/nesifrovane
  • Check volume dismounting

Execute commands mount and df -h and there are no volumes as in the previous statement.

  • Reconnecting the volume, by using the
encfs /mnt/wedosdisk home/nesifrovane

By the following entire process is completed. After editing encrypted files always disconnect the unencrypted volume


A test version of the operating system was Ubuntu 12.04 64bit

  • As first install the EncFS
sudo apt-get install encfs
  • Other configuration and operation is the same as for CentOS