{"id":21171609,"url":"https://github.com/0k/ecryptfs-mount","last_synced_at":"2025-07-20T01:31:37.442Z","repository":{"id":147001809,"uuid":"50711961","full_name":"0k/ecryptfs-mount","owner":"0k","description":null,"archived":false,"fork":false,"pushed_at":"2016-02-02T02:38:02.000Z","size":3,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-06-26T23:18:50.968Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0k.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-01-30T06:14:36.000Z","updated_at":"2023-07-20T10:08:43.000Z","dependencies_parsed_at":"2023-04-04T20:05:00.456Z","dependency_job_id":null,"html_url":"https://github.com/0k/ecryptfs-mount","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/0k/ecryptfs-mount","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0k%2Fecryptfs-mount","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0k%2Fecryptfs-mount/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0k%2Fecryptfs-mount/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0k%2Fecryptfs-mount/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0k","download_url":"https://codeload.github.com/0k/ecryptfs-mount/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0k%2Fecryptfs-mount/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266053824,"owners_count":23869496,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-20T16:08:43.137Z","updated_at":"2025-07-20T01:31:37.420Z","avatar_url":"https://github.com/0k.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"Syntaxic sugar for mounting a path with ``ecryptfs`` and a key.\n\n\nDisclaimer\n==========\n\nI'm not a security expert nor have any significant experience in\ncryptography. This command circumvent what appears to me as\nconvolutions to reach the goal I was trying to achieve.\n\nThis command SHOULD NOT BE USED if you want to protect yourself\nfrom attacker that could have any type of access to the host\nwhere you'll execute this mount.\n\n- the key is visible to anyone in the process list.\n\n- the key appears in command history\n\n- the key is in clear in the memory of the computer\n\nYou can use it to create encrypted backups on a safe computer\nto send the encrypted version to an unsafe location. Please remember\nthou, that you should not use this command on this remote location\neven once to take a peek to your actual backup contents.\n\n\nPlease send me any comments about your concerns here so I can add some\ngeneral remarks on the solidity of this process.\n\nAnd be aware that this solution in such light is maybe insecure.\n\n\nDescription\n===========\n\nQuick command to mount a directory with a password::\n\n   ecryptfs-mount PATH KEY\n\n\nExample\n=======\n\nSimple and quick session::\n\n   $ mkdir /tmp/path\n   $ ecryptfs-mount /tmp/path n0VmdZhgcs97Dik6_jG6V3Hjispo3P\n\nStoring \"hello\" in ``afile``::\n\n   $ echo \"hello\" \u003e /tmp/path/afile\n\nLet's unmount and see the result::\n\n   $ umount /tmp/path\n   $ ls /tmp/path/\n   ECRYPTFS_FNEK_ENCRYPTED.FWaDRV66PWjAr-SLB2Obuz6Sf4pBONycQQbfoCLv5EndmxDcajuLjc4xHE--\n\nThere, it's encrypted.\n\nYou could then send this encrypted folder to another host::\n\n    $ scp -r /tmp/path otherhost:path\n\n\\.. or mount it in a docker (note the ``--cap-add SYS_ADMIN``)::\n\n    $ docker run -ti \\\n        -v /tmp/path:/root/protected \\\n        --cap-add SYS_ADMIN\n        myimage\n\n\\.. or send it to a backup server::\n\n    $ rsync -avRz /tmp/path otherhost:/backups\n\n.. or tar it, compress it, and store it anywhere.\n\nAnd if you want to get the content back, on any of these devices::\n\n    $ ecryptfs-mount /encrypted/location n0VmdZhgcs97Dik6_jG6V3Hjispo3P\n    $ ls /encrypted/location\n    afile\n    $ cat /encrypted/location/afile\n    hello\n    $ umount /encrypted/location\n\nIf you don't have the correct password::\n\n    $ ecryptfs-mount /encrypted/location BAD_PASSWORD\n    $ cat /encrypted/location/afile\n    cat: /encrypted/location/afile: No such file or directory\n    $ umount /encrypted/location\n\n\nMount Options\n=============\n\nYou can set your desired mount options with environment variables::\n\n    $ ecryptfs_enable_filename_crypto=y \\\n    \u003e ecryptfs_passthrough=n \\\n    \u003e ecryptfs_key_bytes=16 \\\n    \u003e ecryptfs_cipher=aes \\\n    \u003e ecryptfs-mount /mnt/path n0VmdZhgcs97Dik6_jG6V3Hjispo3P\n\nIf you don't, these are the default values.\n\n\nDebugging\n=========\n\nIf something goes wrong, please launch the command with setting\n``$VERBOSE`` environment variables, for instance::\n\n    VERBOSE=1 ecryptfs-mount /mnt/path n0VmdZhgcs97Dik6_jG6V3Hjispo3P\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0k%2Fecryptfs-mount","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0k%2Fecryptfs-mount","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0k%2Fecryptfs-mount/lists"}