encfs fails to load config .encfs5
I want to do encrypted backups to an FTP server with curlftpfs + encfs + rsync.
I mount an FTP server storage space with: Code:
curlftpfs -o user=username:pw ftp://ftp.server.com/backup /mnt/ftp Code:
cat $HOME/keyfile | encfs -v -S /mnt/ftp /mnt/encfs Code:
09:35:42 (main.cpp:642) Root directory: /mnt/ftp/ If I use encfs with local folders, there is no problem. Example: Code:
encfs $HOME/encrypted $HOME/unencrypted |
Well, I found the cause, but not a way to solve it. For some reason, curlftpfs denies the access to .encfs5 every second time or very randomly.
When I run cat /mnt/ftp/.encfs5, every second time the command succeeds and other times returns "Permission denied". This is from curlftpfs debug output: Code:
LOOKUP /.encfs5 My software versions: libcurl4-7.18.0-1mdv2008.1 curlftpfs-0.9.1-2mdv2008.0 curl-7.18.0-1mdv2008.1 libcurl3-7.15.5-2.1mdv2007.0 encfs-1.3.1-1mdv2007.0 libencfs1-1.3.1-1mdv2007.0 fuse-2.5.3-3mdk dkms-fuse-2.5.3-3mdk libfuse2-devel-2.6.3-1mdv2007.1 libfuse2-2.6.3-1mdv2007.1 |
Well, I solved the actual problem with the following loop:
Code:
while ! cat /mnt/ftp/.encfs5 >/dev/null However... there is another problem: I can't cat a keyfile to encfs to automate the backup with -S (like in my first post). Otherwise encfs returns "decode failed", claiming the password is incorrect, even though the configuration was created with the same keyfile to begin with! So I have to enter the password manually, meaning I can't automate my backups... :( Any solution? |
As I dig further into this, more problems occur...
For some reason rsync can only create directories on the encfs filesystem, files are not copied at all. I can cp my files to there or use a synchronization utility I wrote with FreePascal years ago. These succeed in copying files, but rsync fails. How is rsync writing the files differently? Any way to change it to behave like cp with copying? |
Ive had the same problem with moving an encrypted folder to another filesystem...I get the same exact error that you first stated...
Im wondering if it has something to do with how encfs encrypts the data on the filesystem...for instance on a filesystem a file named umpitysquat is acctually a hardlink to an inode on the filesystem itself...so maybe encfs is only encrypting the hardlink and when you move the hardlink to another filesystem the link is lost... This would also mean that the data is not encrypted at the inode layer and could be recovered unencrypted with forensic tools... I could be way off base here but just my theory.... |
Quote:
I doubt the true security of any encryption method that doesnt involve encrypting the filesystem itself.. |
All times are GMT -5. The time now is 04:09 AM. |