LinuxCommandLibrary

gocryptfs

Encrypted overlay filesystem in user space (FUSE): a directory of ciphertext is mounted at a mountpoint that shows the plaintext

TLDR

Initialize an encrypted filesystem (generates a random master key, asks for a password, writes CIPHERDIR/gocryptfs.conf and prints the master key for recovery)

$ gocryptfs -init [path/to/cipher_directory]

Mount an encrypted filesystem (asks for the password, then daemonizes; unmount with fusermount -u)

$ gocryptfs [path/to/cipher_directory] [path/to/mount_point]

Mount with an explicit master key instead of the password (the hex key printed by -init; it lands in shell history and the process list, so prefer --masterkey stdin and pipe the key in)

$ gocryptfs --masterkey [hex_master_key] [path/to/cipher_directory] [path/to/mount_point]

Change the password (re-wraps the unchanged master key; the data is not re-encrypted)

$ gocryptfs --passwd [path/to/cipher_directory]

Mount a read-only encrypted view of a plain directory (reverse mode, e.g. to back up the view to untrusted storage)

$ gocryptfs --reverse [path/to/plain_directory] [path/to/mount_point]

SYNOPSIS

gocryptfs -init [options...] CIPHERDIR
gocryptfs [options...] CIPHERDIR MOUNTPOINT
gocryptfs -reverse [options...] PLAINDIR MOUNTPOINT
gocryptfs -passwd [options...] CIPHERDIR

PARAMETERS

-init
    Initialize a new encrypted filesystem in CIPHERDIR: generate a random master key, wrap it with the password and write CIPHERDIR/gocryptfs.conf

-passwd
    Change the password that wraps the master key; the master key and the encrypted data stay as they are

-passfile FILE
    Read the password from the first line of FILE instead of prompting (equivalent to -extpass "cat FILE")

-extpass PROG
    Run PROG and read the password from its stdout, e.g. a keyring or secret-manager lookup; a trailing newline is stripped

-masterkey KEY
    Mount with the hex master key KEY instead of the password-wrapped key from gocryptfs.conf; the special value stdin reads the key from standard input

-fido2 DEVICE
    Protect the master key with a FIDO2 token (e.g. /dev/hidraw0) instead of a password; with -init the token is enrolled

-config FILE
    Use FILE instead of CIPHERDIR/gocryptfs.conf, e.g. to keep the wrapped key away from the ciphertext

-reverse
    Reverse mode: the first directory is plaintext and MOUNTPOINT shows a read-only encrypted view of it

-exclude PATH, -exclude-wildcard PATTERN, -exclude-from FILE
    Reverse mode only: leave the matching paths out of the encrypted view

-aessiv
    With -init: use AES-SIV-512 for file contents instead of AES-GCM; slower, but safe against nonce reuse (the default for reverse mode)

-xchacha
    With -init: use XChaCha20-Poly1305 for file contents; faster than AES-GCM on CPUs without AES-NI

-plaintextnames
    With -init: do not encrypt file and directory names

-deterministic-names
    With -init: disable per-directory IVs, so the same name encrypts identically in every directory (leaks more, needed by some sync and dedup setups)

-longnames
    Store names that encrypt to more than 255 bytes as a hashed stub plus a side file (default on; set with -init)

-hkdf
    Derive separate content and name keys from the master key with HKDF (default on; set with -init)

-scryptn N
    With -init or -passwd: scrypt cost parameter log2(N), default 16; raise it to slow down offline password guessing at the cost of mount time and memory

-i, -idle DURATION
    Unmount automatically after DURATION without file operations, e.g. 10m or 2h; 0 (default) disables; ignored in reverse mode

-force_owner UID:GID
    Report every file as owned by UID:GID

-allow_other
    Let users other than the mounting user access the mountpoint (passed to FUSE; requires user_allow_other in /etc/fuse.conf)

-nonempty
    Allow mounting over a non-empty directory

-f, -fg
    Stay in the foreground instead of daemonizing after a successful mount

-nosyslog
    Do not send log messages to syslog when running daemonized

-ro
    Mount read-only

-o OPTIONS
    Comma-separated FUSE mount options, e.g. -o noatime

-ko OPTIONS
    Comma-separated mount options passed through to the kernel, e.g. -ko nodev,nosuid

-fsck
    Check CIPHERDIR for blocks and names that fail authentication and report them

-info
    Print the contents of gocryptfs.conf (feature flags, scrypt parameters) without mounting

-speed
    Benchmark the available content ciphers on this machine

-q, -quiet
    Quiet mode, less output

-h, -help, -hh
    Short (-h) or long (-hh) help text

-version
    Print version and build information

DESCRIPTION

gocryptfs is an encrypted overlay filesystem for Linux and macOS, implemented in user space on FUSE. It mounts a directory of ciphertext (CIPHERDIR) at a mountpoint that presents the plaintext: writes through the mountpoint are encrypted before they reach disk, reads are decrypted on the fly, and each plaintext file corresponds to exactly one encrypted file, which keeps the ciphertext easy to sync, snapshot and back up.

Key handling: -init generates a random 256-bit master key and stores it in CIPHERDIR/gocryptfs.conf, wrapped with a key that scrypt derives from the password. Mounting unwraps the master key, and HKDF derives separate subkeys from it for file contents and for file names. File contents are encrypted in 4 KiB blocks with AES-256-GCM (or XChaCha20-Poly1305, or AES-SIV), each block under a fresh random 128-bit nonce; the block number and a random per-file ID stored in the file header are authenticated as associated data, so a block cannot be reordered within a file or moved to another file without decryption failing. File and directory names are encrypted with AES-EME (a wide-block mode) using a per-directory IV, so the same name encrypts differently in different directories. Reverse mode turns an existing plaintext directory into a read-only encrypted view, which makes encrypted backups to untrusted storage practical. gocryptfs was written as a replacement for EncFS, whose design has documented weaknesses; it is faster, authenticates every block, and was independently audited in 2017.

Usage is straightforward: initialize a volume with -init, mount it with the password, work in the mountpoint, and unmount with fusermount -u MOUNTPOINT. The password can come from the terminal, a file (-passfile), an external program (-extpass) or a FIDO2 token (-fido2); -idle unmounts after a period of inactivity and -ro mounts read-only. It is suited to personal data directories, encrypted backups and portable volumes on removable media.

Threat model: ciphertext at rest is protected by authenticated encryption, and scrypt slows offline guessing of the password, but only a strong passphrase makes guessing infeasible. While the volume is mounted, plaintext is available to every process that can reach the mountpoint, so a compromised account reads it freely. gocryptfs also does not hide metadata: the number of files, the shape of the directory tree, exact file sizes, permissions and timestamps are visible in CIPHERDIR.

CAVEATS

Every file operation crosses the kernel/FUSE boundary, so throughput and latency trail kernel-side encryption such as dm-crypt or fscrypt; gocryptfs is meant for a directory tree, not a whole disk. It needs the FUSE kernel module and the fusermount helper (macFUSE on macOS). Block-level authentication does not cover a file as a whole: an attacker with write access to CIPHERDIR can delete files, restore an older encrypted version of a file (rollback), or truncate a file at a block boundary without any error on the plaintext side. A weak password can be brute-forced offline against gocryptfs.conf; scrypt raises the cost per guess but does not rescue a short password.

SECURITY NOTES

File contents: AES-256-GCM by default (XChaCha20-Poly1305 with -xchacha, AES-SIV-512 with -aessiv and in reverse mode) on 4 KiB blocks, with a fresh random 128-bit nonce and a 16-byte tag per block; the block number and the per-file ID are authenticated as associated data, so blocks cannot be reordered within a file or swapped between files undetected. File names: AES-EME with a per-directory IV; names that encrypt beyond the 255-byte limit are stored as a hashed stub plus a side file. Keys: one random 256-bit master key, wrapped with an scrypt-derived key (default cost logN=16, adjustable with -scryptn); HKDF derives the content and name keys from it. -passwd re-wraps the master key but does not rotate it, so a leaked master key stays valid until the data is re-encrypted into a fresh volume. Use a long, high-entropy passphrase; gocryptfs uses scrypt only, not Argon2.
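The block binding described in DESCRIPTION and in the notes above is easier to reason about with code in hand. The following is an added example, not gocryptfs's own source: it re-creates the documented content layout (an 18-byte header of format version and random file ID, then 4 KiB blocks each stored as nonce, ciphertext and tag, with the block number and file ID as GCM associated data) using only the Go standard library, then plays an attacker who can edit CIPHERDIR and shows which edits the construction catches and which it does not. Assumptions: the constructed 32-byte key stands in for the HKDF-derived content key (scrypt and HKDF are left out), the sample files are constructed, and the min builtin requires Go 1.21 or later.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// Layout as documented for gocryptfs: 18-byte header (format version 2 + random
// file ID), then 4 KiB plaintext blocks each stored as nonce || ciphertext || GCM tag.
const (
	blockSize, nonceSize, tagSize, fileIDSize = 4096, 16, 16, 16
	headerSize                                = 2 + fileIDSize
	cipherBlk                                 = nonceSize + blockSize + tagSize
)

// contentCipher is AES-256-GCM with gocryptfs's 128-bit nonces. gocryptfs derives this
// key from the master key with HKDF; the example takes the 32-byte content key directly.
type contentCipher struct{ aead cipher.AEAD }

func NewContentCipher(contentKey []byte) (*contentCipher, error) {
	blk, err := aes.NewCipher(contentKey)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCMWithNonceSize(blk, nonceSize)
	return &contentCipher{aead: aead}, err
}

// aad ties a block to its position and file: 8-byte big-endian block number, then file ID.
func aad(blockNo uint64, fileID []byte) []byte {
	ad := make([]byte, 8, 8+fileIDSize)
	binary.BigEndian.PutUint64(ad, blockNo)
	return append(ad, fileID...)
}

// Encrypt writes the header, then seals each block under a fresh random nonce.
func (c *contentCipher) Encrypt(plain []byte) []byte {
	fileID := make([]byte, fileIDSize)
	rand.Read(fileID) // crypto/rand.Read does not return errors (Go 1.24+); it aborts the process instead
	out := append([]byte{0, 2}, fileID...)
	for no, off := uint64(0), 0; off < len(plain); no, off = no+1, off+blockSize {
		nonce := make([]byte, nonceSize)
		rand.Read(nonce)
		end := min(off+blockSize, len(plain)) // the last block may be short
		out = c.aead.Seal(append(out, nonce...), nonce, plain[off:end], aad(no, fileID))
	}
	return out
}

// Decrypt verifies every block; any error means tampering or corruption.
func (c *contentCipher) Decrypt(ct []byte) ([]byte, error) {
	if len(ct) < headerSize || binary.BigEndian.Uint16(ct) != 2 {
		return nil, fmt.Errorf("bad header")
	}
	fileID, body := ct[2:headerSize], ct[headerSize:]
	var plain []byte
	for no := uint64(0); len(body) > 0; no++ {
		n := min(cipherBlk, len(body))
		if n <= nonceSize+tagSize {
			return nil, fmt.Errorf("block %d: cut inside a block", no)
		}
		pt, err := c.aead.Open(nil, body[:nonceSize], body[nonceSize:n], aad(no, fileID))
		if err != nil {
			return nil, fmt.Errorf("block %d: %w", no, err)
		}
		plain, body = append(plain, pt...), body[n:]
	}
	return plain, nil
}

func blockAt(ct []byte, i int) []byte { return ct[headerSize+i*cipherBlk : headerSize+(i+1)*cipherBlk] }

// Demo plays an attacker with raw access to CIPHERDIR but no password: two constructed
// three-block files are encrypted and three ciphertext-only edits are tried.
func Demo() (swapCaught, transplantCaught, truncationCaught bool, err error) {
	c, err := NewContentCipher(bytes.Repeat([]byte{0x42}, 32)) // constructed key
	if err != nil {
		return
	}
	ctA := c.Encrypt(bytes.Repeat([]byte("A"), 3*blockSize))
	ctB := c.Encrypt(bytes.Repeat([]byte("B"), 3*blockSize))
	// 1. Swap blocks 0 and 2 within file A: the block number in the AAD catches it.
	swapped := append([]byte(nil), ctA...)
	copy(blockAt(swapped, 0), blockAt(ctA, 2))
	copy(blockAt(swapped, 2), blockAt(ctA, 0))
	_, e1 := c.Decrypt(swapped)
	// 2. Transplant block 0 of file B into file A: the file ID in the AAD catches it.
	mixed := append([]byte(nil), ctA...)
	copy(blockAt(mixed, 0), blockAt(ctB, 0))
	_, e2 := c.Decrypt(mixed)
	// 3. Drop the last block: no file length is authenticated, so it decrypts cleanly to
	//    a shorter file. Restoring an older copy of ctA (rollback) passes just as silently.
	_, e3 := c.Decrypt(ctA[:headerSize+2*cipherBlk])
	return e1 != nil, e2 != nil, e3 != nil, nil
}

func main() { fmt.Println(Demo()) } // true true false <nil>
```

Running it prints the two detections and the one miss; that miss is exactly why rollback, deletion and block-boundary truncation are listed under CAVEATS as outside what gocryptfs protects against, and why backups of CIPHERDIR should be versioned and integrity-checked by the backup tool.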

PERFORMANCE TIPS

Run gocryptfs -speed to benchmark the content ciphers on the target CPU. With AES-NI, AES-256-GCM is the fastest choice; on CPUs without it (many ARM boards, older x86) create the volume with -xchacha instead. -openssl auto, the default, picks the OpenSSL backend where it beats Go's crypto. Avoid nesting gocryptfs mounts inside each other; every layer adds a FUSE round trip to each operation.

HISTORY

Written in Go by Jakob Unterwurzacher (rfjakob on GitHub) and first released in 2015 as a replacement for EncFS, whose 2014 security audit had documented design weaknesses. gocryptfs was itself audited in 2017. Later releases added reverse-mode excludes, -fsck, XChaCha20-Poly1305 content encryption and FIDO2 token support. Source and releases: https://github.com/rfjakob/gocryptfs

SEE ALSO

gocryptfs-xray(1), encfs(1), cryfs(1), fusermount(1), mount.fuse(8)
