SYNOPSIS

encfsctl [command command_args]

encfsctl rootdir

encfsctl info rootdir

encfsctl passwd rootdir

encfsctl showcruft rootdir

encfsctl decode [--extpass=prog] rootdir [encoded name ...]

encfsctl encode [--extpass=prog] rootdir [plaintext name ...]

DESCRIPTION

encfsctl is an administrative tool for working with EncFS filesystems. It is capable of changing the user supplied password, displaying basic information about an encrypted volume, and other related operations.

COMMANDS

info

Display basic information about the filesystem. Takes a single argument, rootdir, which is the root directory of the encrypted filesystem. The filesystem need not be mounted. Info is also the default command if only a root directory is provided on the command line.

passwd

Allows changing the password of the encrypted filesystem. The user will be prompted for the existing password and the new password.

showcruft

Recursively search through the entire volume and display all files which are not decodable (only checks filename encoding, not block \s-1MAC\s0 headers). This might be useful for cleanup in case you've made use of features which create files which are not decodable under the primary key.

decode

Allows you to specify an encoded name on the command line, and displays decoded version. This is mostly useful for debugging, as debug messages always display encrypted filenames (to avoid leaking sensitive data through the debug channels). So this command provides a way to decode the filenames. The --extpass option can be used to specify the program which returns the password - just like with encfs. If no names are specified on the command line, then a list of filenames will be read from stdin and decoded.

encode

Allows you to specify a filename on the command line, and displays its encoded version. This is useful if e.g. you are taking a backup of an encrypted directory and would like to exclude some files. The --extpass option can be used to specify the program which returns the password - just like with encfs. If no names are specified on the command line, then a list of filenames will be read from stdin and encoded.

EXAMPLES

Show information about an encrypted filesystem:

 % encfsctl info ~/.crypt

Version 5 configuration; created by EncFS 1.1 (revision 20040504) Filesystem cipher: "ssl/aes" , version 2:1:1 Filename encoding: "nameio/block" , version 3:0:1 Key Size: 192 bits Block Size: 512 bytes Each file contains 8 byte header with unique IV data. Filesname encoded using IV chaining mode.

DISCLAIMER

This library is distributed in the hope that it will be useful, but \s-1WITHOUT\s0 \s-1ANY\s0 \s-1WARRANTY\s0; without even the implied warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 \s-1FOR\s0 A \s-1PARTICULAR\s0 \s-1PURPOSE\s0. Please refer to the \*(L"\s-1COPYING\s0\*(R" file distributed with encfs for complete details.

AUTHORS

EncFS was written by Valient Gough <[email protected]>.

RELATED TO encfsctl…

encfs\|(1)