I had a directory encrypted with encfs by MacFusion. I deleted some encfs file from there (something like .encfs6.xml, can't remember). I still have files and remember the password.
Now when I want to mount this directory as encfs one, encfs wants to create new encrypted volume there. Can I somehow force it to open existing instead of creating new one?
Best Answer
The
.encfs6.xmlfile contains metadata that describes the encryption of the user's files. This is the one file that shouldn't be deleted and the short answer is to say that encryption is impossible without it.Encfs works by using a passphrase to make a key (potentially low entropy because it's derived from user input) that is used to encrypt another machine-generated (high entropy) key that is used for file encryption. That key is stored encrypted inside
.encfs6.xmlas<encodedKeyData>like this:In theory, if you have that data and you know the passphrase used to encrypt it and you know all the ciper parameters used than you could decrypt using another tool such as OpenSSL. You'd need to look at the source code for encfs to work out exactly what it does and in what order but it would be possible to decrypt using another tool.
But you really need the parameters contained in the
.encfs6.xmlfile to be able to decrypt, even if you plan to do so without the encfs software. So it's kind-of pointless because, if if you had that information you could reconstruct the xml file by hand and use encfs anyway.