LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-22-2008, 01:45 AM   #1
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 195

Rep: Reputation: 30
encfs fails to load config .encfs5


I want to do encrypted backups to an FTP server with curlftpfs + encfs + rsync.

I mount an FTP server storage space with:
Code:
curlftpfs -o user=username:pw ftp://ftp.server.com/backup /mnt/ftp
Then I try to mount the folder with encfs:
Code:
cat $HOME/keyfile | encfs -v -S /mnt/ftp /mnt/encfs
I get this:
Code:
09:35:42 (main.cpp:642) Root directory: /mnt/ftp/
09:35:42 (main.cpp:643) Fuse arguments: (daemon) (threaded) (keyCheck) (useStdin) encfs /mnt/encfs -s -o use_ino -o default_permissions 
09:35:42 (FileUtils.cpp:185) Found config file /mnt/ftp/.encfs5, but failed to load
Creating new encrypted volume.
Why?? Why does it fail to load the config file .encfs5 and wants to create a new one? When I continue creating a new config, like it wants, the next time I try to mount the folder with encfs, it fails to load it again and wants to create a new config.

If I use encfs with local folders, there is no problem. Example:
Code:
encfs $HOME/encrypted $HOME/unencrypted
This causes no issues, I can umount and mount the folders again with encfs and it succeeds in loading its config file always. But it won't work with curlftpfs...
 
Old 09-22-2008, 01:56 AM   #2
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 195

Original Poster
Rep: Reputation: 30
Well, I found the cause, but not a way to solve it. For some reason, curlftpfs denies the access to .encfs5 every second time or very randomly.

When I run cat /mnt/ftp/.encfs5, every second time the command succeeds and other times returns "Permission denied". This is from curlftpfs debug output:
Code:
LOOKUP /.encfs5
   NODEID: 7
   unique: 173, error: 0 (Success), outsize: 136
unique: 174, opcode: OPEN (14), nodeid: 7, insize: 48
   unique: 174, error: -13 (Permission denied), outsize: 16
unique: 175, opcode: LOOKUP (1), nodeid: 1, insize: 48
LOOKUP /.encfs5
   NODEID: 7
   unique: 175, error: 0 (Success), outsize: 136
unique: 176, opcode: OPEN (14), nodeid: 7, insize: 48
OPEN[134788520] flags: 0x8000
   unique: 176, error: 0 (Success), outsize: 32
unique: 177, opcode: READ (15), nodeid: 7, insize: 64
READ[134788520] 4096 bytes from 0
   READ[134788520] 239 bytes
   unique: 177, error: 0 (Success), outsize: 255
unique: 178, opcode: FLUSH (25), nodeid: 7, insize: 56
FLUSH[134788520]
   unique: 178, error: 0 (Success), outsize: 16
unique: 179, opcode: RELEASE (18), nodeid: 7, insize: 56
RELEASE[134788520] flags: 0x8000
   unique: 179, error: 0 (Success), outsize: 16
This behaviour has no sense at all. Any ideas?

My software versions:
libcurl4-7.18.0-1mdv2008.1
curlftpfs-0.9.1-2mdv2008.0
curl-7.18.0-1mdv2008.1
libcurl3-7.15.5-2.1mdv2007.0
encfs-1.3.1-1mdv2007.0
libencfs1-1.3.1-1mdv2007.0
fuse-2.5.3-3mdk
dkms-fuse-2.5.3-3mdk
libfuse2-devel-2.6.3-1mdv2007.1
libfuse2-2.6.3-1mdv2007.1

Last edited by make; 09-22-2008 at 02:10 AM.
 
Old 09-22-2008, 02:36 AM   #3
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 195

Original Poster
Rep: Reputation: 30
Well, I solved the actual problem with the following loop:
Code:
while ! cat /mnt/ftp/.encfs5 >/dev/null
do
        sleep 3
done
encfs /mnt/ftp /mnt/encfs
It tries to cat the file, until curlftpfs says no more "Permission denied". Then it mounts it with encfs.

However... there is another problem: I can't cat a keyfile to encfs to automate the backup with -S (like in my first post). Otherwise encfs returns "decode failed", claiming the password is incorrect, even though the configuration was created with the same keyfile to begin with!

So I have to enter the password manually, meaning I can't automate my backups... Any solution?
 
Old 09-22-2008, 06:09 AM   #4
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 195

Original Poster
Rep: Reputation: 30
As I dig further into this, more problems occur...

For some reason rsync can only create directories on the encfs filesystem, files are not copied at all. I can cp my files to there or use a synchronization utility I wrote with FreePascal years ago. These succeed in copying files, but rsync fails.

How is rsync writing the files differently? Any way to change it to behave like cp with copying?
 
Old 01-08-2009, 03:46 PM   #5
deepsix
Member
 
Registered: Apr 2003
Distribution: ANY
Posts: 339

Rep: Reputation: 32
Ive had the same problem with moving an encrypted folder to another filesystem...I get the same exact error that you first stated...

Im wondering if it has something to do with how encfs encrypts the data on the filesystem...for instance on a filesystem a file named umpitysquat is acctually a hardlink to an inode on the filesystem itself...so maybe encfs is only encrypting the hardlink and when you move the hardlink to another filesystem the link is lost...

This would also mean that the data is not encrypted at the inode layer and could be recovered unencrypted with forensic tools...

I could be way off base here but just my theory....
 
Old 01-08-2009, 04:09 PM   #6
deepsix
Member
 
Registered: Apr 2003
Distribution: ANY
Posts: 339

Rep: Reputation: 32
Quote:
Originally Posted by deepsix View Post
Ive had the same problem with moving an encrypted folder to another filesystem...I get the same exact error that you first stated...

Im wondering if it has something to do with how encfs encrypts the data on the filesystem...for instance on a filesystem a file named umpitysquat is acctually a hardlink to an inode on the filesystem itself...so maybe encfs is only encrypting the hardlink and when you move the hardlink to another filesystem the link is lost...

This would also mean that the data is not encrypted at the inode layer and could be recovered unencrypted with forensic tools...

I could be way off base here but just my theory....




I doubt the true security of any encryption method that doesnt involve encrypting the filesystem itself..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Desktop fails to load tm2383 SUSE / openSUSE 1 10-22-2007 06:48 PM
cinelerra fails to load allohakdan Ubuntu 0 10-08-2006 02:01 PM
WDM fails to load properly: wdm-config is blank Paul8032 Linux - Software 0 10-07-2006 03:01 AM
Grub Config - Windows fails to load Greebstreebling Linux - Desktop 1 09-02-2006 12:12 PM
GUI fails to load eqisow SUSE / openSUSE 2 06-13-2005 10:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration