Ubuntu – Ecryptfs – Encrypt second folder (for dropbox) in addition to encrypted home folder


I've encrypted my home partition in Ubuntu (15.10 currently).
Now I am trying to encrypt a single directory so that I can use it to sync. with e.g. dropbox securely.

Therefore, I need a new ecryptfs-directory.

  • A nested encryption (encrypted directory inside home) does not work.
  • The command ecryptfs-mount-private shows the error that I already have an encrypted passphrase (probably from the encrypted home directory?).

Therefore, I created via sudo mount -t ecryptfs /encrypted /decrypted a new directory pair at the root level (outside home).
While I am able to mount it manually, I am not sure how I can mount it automatically – in addition to the encrypted home directory.
I've found a description here (see here), where I put the mount command into the fstab file. First, it does not work. Second, it also seems that my passphrase would be stored in clear text with this solution?

So I am wondering whether there are better solutions? Thank you very much 😉
Certainly, this will help everybody who encrypts her/his home partition and wants to encrypt the files which are uploaded to dropbox or owncloud.

Best Answer

eCryptFS is not designed for cloud storage. It assumes it is the only application accessing your ciphertexts and runs into undefined behavior when some other application (say your Dropbox client) modifies them. EncFS also has its problems as explained here.

You might want to take a look at CryFS https://www.cryfs.org

Related Question