I only want to encrypt my Documents folder. Be aware that VMWARE stored the virtual machine files under this folder, you should move it to outside Documents.
WARNING:
Be careful with this tutorial, Write down your password somewhere and BACKUP your data before going further these steps.
if you forget your password, say good bye to your data.
THERE IS NO WAY TO GET YOUR DATA BACK!!!
TOOLS required:
# update your ports to get the latest encfs that runs ok on OSX10.5
$ sudo port selfupdate
# install encfs
$ sudo port install encfs
Lets move The Documents folder contents to another folder:
$ cd
$ mkdir temp_documents
$ mv Documents/* temp_documents/
Create the directory to hold the encrypted files, it can be any name.
Run this only one time. The first time to setup the folder...
$ mkdir .documents
Setup the encryption
$ encfs ~/.documents/ ~/Documents/
you will see this:
fred@Macintosh ~ $ encfs ~/.documents/ ~/Documents/
Creating new encrypted volume.
Please choose from one of the following options:
enter "x" for expert configuration mode,
enter "p" for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
now, after you pass this step, the file system will be mounted as well.
encfs uses FuseFS, so it behaves just like a mount point
to unmount it you do
$ unmount ~/Documents
to mount it again issue this command:
$ encfs ~/.documents/ ~/Documents/
# or this way, which will look with better names and a folder icon on Desktop:
$ encfs ~/.documents/ ~/Documents/ -- -o fsname=Documents -o volname=Documents -o local
to check mounted filesystems
$ mount
you should be able to see:
encfs@fuse2 on /Users/fred/Documents (fusefs, nodev, nosuid, synchronous, mounted by fred)
or this if you used the longer command.
Documents on /Users/fred/Documents (fusefs, local, nodev, nosuid, synchronous, mounted by fred)
Now, with the encrypted folder "mounted", mv the data from that temp folder to the new encrypted folder:
WARNING: be carefull here
$ cp temp_documents/* Documents/
$ rm -rf temp_documents/
that's it folks.
Final overview:
to create the encrypted folder: $ encfs ~/.documents/ ~/Documents/
to Mount it (enable) $ encfs ~/.documents/ ~/Documents/ or $ encfs ~/.documents/ ~/Documents/ -- -o fsname=Documents -o volname=Documents -o local
to Umount it (disable) $ umount ~/Documents
never remove .documents folder, or touch it. don't change anything inside .documents
remember the dot in the front means the folder is invisible you won't see it in Finder.
This also should work for Linux.
I prefer to encrypt the lot, as there tends to be a lot of Stuff that is cache'd in ~/Library (which might be very revealing!) :)
Thanks for the link to EncFSVault. Looks like it will do the job rather nicely.
~ James
the "Lot" seems quite big :)
hey, so which kind of revealing data you have in Library?
I could guess, browsers saved passwords? (safari, firefox) if you are not using key-chain.
Password saving in OSX uses key-chain by default, you type the key-chain password once when you login.
so if some takes your cache files somehow they will still need your keychain password to decrypt the passwords?
I am not really sure how it works...