encfs/README.md

# EncFS - an Encrypted Filesystem

**This project is NOT maintained.  For details, see the [Status](#status) section.**

## About

EncFS provides an encrypted filesystem in user-space. It runs in userspace,
using the [FUSE library](https://github.com/libfuse/libfuse) for the filesystem interface. EncFS is open source
software, licensed under the LGPL.

EncFS was first released in 2003, making it one of the earlier FUSE filesystems!
I wrote it because I needed to encrypt my data while traveling, and the existing NFS and
kernel-based encrypted filesystems such as CFS had not kept pace with Linux
development.  When FUSE became available, I wrote a CFS replacement for my own
use and later released it to Open Source when it seemed stable.

EncFS encrypts individual files, by translating all requests for the virtual
EncFS filesystem into the equivalent encrypted operations on the raw
filesystem.

For more info, see:

 - The [encfs manpage](encfs/encfs.pod)
 - The technical overview in [DESIGN.md](DESIGN.md)

## Status

In the time since EncFS was written, a lot has changed in the security,
privacy, and computing landscapes. Computing power has increased enormously over
what a circa-2003 laptop can provide, and so it is no longer a performance burden
to encrypt the entire filesystem of a personal device. Software encryption has also
spread widely - data encryption is built into most systems and programs, so there is
far less of a need to have a separate encryption system.

EncFS has been dormant for a long time now. I haven't used or worked on EncFS in
many years. I've left the repository here because I don't want to prevent anyone
from using it if they have a need that can't be met otherwise. I'm sure that I have
some very old backups that would still require EncFS to access, so I expect that I
might have to compile it again someday.

Don't expect any updates on this project. You're free to fork it, of course, but
remember that this is a 20+yr old codebase which was only funded by personal
interest, so I wouldn't expect it to live up to modern-day coding standards.

If you're considering setting up a new encrypted filesystem wrapper, I'd recommend
looking into newer alternatives, such as the excellent [GoCryptFS](https://github.com/rfjakob/gocryptfs).

Thank you all for the early support, especially the FUSE author Miklos Szeredi,
and all the interesting discussions at Open Source and Linux meetups over the years.
Valient Gough
May 2024

## Unique Features

EncFS has a few features still not found anywhere else (as of Dec 2014)
that may be interesting to you:

### Reverse mode

`encfs --reverse` provides an encrypted view of an unencrypted folder.
This enables encrypted remote backups using standard tools like rsync.

### Fast on classical HDDs

EncFS is typically *much* faster than ecryptfs for stat()-heavy workloads
when the backing device is a classical hard disk.
This is because ecryptfs has to to read each file header to determine
the file size - EncFS does not. This is one additional seek for each
stat.
See [PERFORMANCE.md](PERFORMANCE.md) for detailed benchmarks on
HDD, SSD and ramdisk.

### Works on top of network filesystems

EncFS works on network file systems (NFS, CIFS...), while ecryptfs
is known to still have [problems][1].

[1]: https://bugs.launchpad.net/ecryptfs/+bug/277578

## Development

The master branch contains the latest stable codebase.  This is where bug fixes
and improvments should go.

The [dev](https://github.com/vgough/encfs/tree/dev) branch contains experimental
work, some of which may be back-ported to the master branch when it is stable. The
dev branch is not stable, and there is no guarantee of backward compatibility
between changes.

## Windows

EncFS works on Cygwin, there are also some Windows ports.

See [the wiki](https://github.com/vgough/encfs/wiki)
for additional info.

## FAQ

### What settings should I use for Dropbox?

Use **standard mode**. There [have](https://github.com/vgough/encfs/issues/141)
been [reports](https://github.com/vgough/encfs/issues/388)
of a pathological interaction of paranoia mode with Dropbox' rename
detection. The problem seems to be with `External IV chaining`, which is
not active in standard mode.
add README.md 2014-08-22 04:46:43 +02:00			`# EncFS - an Encrypted Filesystem`

Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`This project is NOT maintained. For details, see the [Status](#status) section.`
Add Travis CI config file and build status icon At the moment, the icon points to rfjakob's Travis account. This could/should be changed to vgough. 2014-10-12 18:49:41 +02:00
add README.md 2014-08-22 04:46:43 +02:00			`## About`

clarify comments on dev branch 2014-10-16 06:08:31 +02:00			`EncFS provides an encrypted filesystem in user-space. It runs in userspace,`
Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`using the [FUSE library](https://github.com/libfuse/libfuse) for the filesystem interface. EncFS is open source`
add README.md 2014-08-22 04:46:43 +02:00			`software, licensed under the LGPL.`

Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`EncFS was first released in 2003, making it one of the earlier FUSE filesystems!`
			`I wrote it because I needed to encrypt my data while traveling, and the existing NFS and`
			`kernel-based encrypted filesystems such as CFS had not kept pace with Linux`
add README.md 2014-08-22 04:46:43 +02:00			`development. When FUSE became available, I wrote a CFS replacement for my own`
Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`use and later released it to Open Source when it seemed stable.`
add README.md 2014-08-22 04:46:43 +02:00
			`EncFS encrypts individual files, by translating all requests for the virtual`
			`EncFS filesystem into the equivalent encrypted operations on the raw`
clarify comments on dev branch 2014-10-16 06:08:31 +02:00			`filesystem.`
add README.md 2014-08-22 04:46:43 +02:00
README.md: Add link to the man page github renders pod files beautifully, and encfs(1) is an excellent document. 2015-01-13 23:22:55 +01:00			`For more info, see:`

Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`- The [encfs manpage](encfs/encfs.pod)`
README.md: Add link to the man page github renders pod files beautifully, and encfs(1) is an excellent document. 2015-01-13 23:22:55 +01:00			`- The technical overview in [DESIGN.md](DESIGN.md)`
Rename README to DESIGN.md and link to it in README.md This document provides a nice overview and should be presented prominently. 2014-12-08 18:14:35 +01:00
add README.md 2014-08-22 04:46:43 +02:00			`## Status`

Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`In the time since EncFS was written, a lot has changed in the security,`
			`privacy, and computing landscapes. Computing power has increased enormously over`
			`what a circa-2003 laptop can provide, and so it is no longer a performance burden`
			`to encrypt the entire filesystem of a personal device. Software encryption has also`
			`spread widely - data encryption is built into most systems and programs, so there is`
			`far less of a need to have a separate encryption system.`
add README.md 2014-08-22 04:46:43 +02:00
Update project status in README (#671) Updates the project status. 2024-05-26 19:57:12 +02:00			`EncFS has been dormant for a long time now. I haven't used or worked on EncFS in`
			`many years. I've left the repository here because I don't want to prevent anyone`
			`from using it if they have a need that can't be met otherwise. I'm sure that I have`
			`some very old backups that would still require EncFS to access, so I expect that I`
			`might have to compile it again someday.`

			`Don't expect any updates on this project. You're free to fork it, of course, but`
			`remember that this is a 20+yr old codebase which was only funded by personal`
			`interest, so I wouldn't expect it to live up to modern-day coding standards.`

			`If you're considering setting up a new encrypted filesystem wrapper, I'd recommend`
			`looking into newer alternatives, such as the excellent [GoCryptFS](https://github.com/rfjakob/gocryptfs).`

			`Thank you all for the early support, especially the FUSE author Miklos Szeredi,`
			`and all the interesting discussions at Open Source and Linux meetups over the years.`
			`Valient Gough`
			`May 2024`
add README.md 2014-08-22 04:46:43 +02:00
Mention PERFORMANCE.md in README.md 2014-12-08 19:37:30 +01:00			`## Unique Features`

			`EncFS has a few features still not found anywhere else (as of Dec 2014)`
Update README.md Typo 2017-09-17 16:36:30 +02:00			`that may be interesting to you:`
Mention PERFORMANCE.md in README.md 2014-12-08 19:37:30 +01:00
			`### Reverse mode`

			`encfs --reverse` provides an encrypted view of an unencrypted folder.
			`This enables encrypted remote backups using standard tools like rsync.`

			`### Fast on classical HDDs`

			`EncFS is typically much faster than ecryptfs for stat()-heavy workloads`
			`when the backing device is a classical hard disk.`
			`This is because ecryptfs has to to read each file header to determine`
			`the file size - EncFS does not. This is one additional seek for each`
			`stat.`
			`See [PERFORMANCE.md](PERFORMANCE.md) for detailed benchmarks on`
			`HDD, SSD and ramdisk.`

			`### Works on top of network filesystems`

			`EncFS works on network file systems (NFS, CIFS...), while ecryptfs`
			`is known to still have [problems][1].`
README.md: Mention EncFS unique features 2014-10-20 21:10:45 +02:00
add donation section 2015-12-31 08:00:29 +01:00			`[1]: https://bugs.launchpad.net/ecryptfs/+bug/277578`

add README.md 2014-08-22 04:46:43 +02:00			`## Development`

clarify comments on dev branch 2014-10-16 06:08:31 +02:00			`The master branch contains the latest stable codebase. This is where bug fixes`
			`and improvments should go.`
add README.md 2014-08-22 04:46:43 +02:00
clarify comments on dev branch 2014-10-16 06:08:31 +02:00			`The [dev](https://github.com/vgough/encfs/tree/dev) branch contains experimental`
			`work, some of which may be back-ported to the master branch when it is stable. The`
			`dev branch is not stable, and there is no guarantee of backward compatibility`
			`between changes.`
add README.md 2014-08-22 04:46:43 +02:00
Notify about Win port. (#477) While there, let's make some history updates. 2018-03-17 15:34:32 +01:00			`## Windows`

Doc, redirect Win users to the Wiki (#511) 2018-04-23 10:35:09 +02:00			`EncFS works on Cygwin, there are also some Windows ports.`
Cygwin, documention links 2018-03-26 23:25:19 +02:00
Doc, redirect Win users to the Wiki (#511) 2018-04-23 10:35:09 +02:00			`See [the wiki](https://github.com/vgough/encfs/wiki)`
			`for additional info.`
Notify about Win port. (#477) While there, let's make some history updates. 2018-03-17 15:34:32 +01:00
README: Add FAQ for Dropbox (#390) Fixes https://github.com/vgough/encfs/issues/388 2017-08-26 08:30:15 +02:00			`## FAQ`

			`### What settings should I use for Dropbox?`

Document cloud usage in man page 2017-09-05 19:25:16 +02:00			`Use standard mode. There [have](https://github.com/vgough/encfs/issues/141)`
			`been [reports](https://github.com/vgough/encfs/issues/388)`
README: Add FAQ for Dropbox (#390) Fixes https://github.com/vgough/encfs/issues/388 2017-08-26 08:30:15 +02:00			`of a pathological interaction of paranoia mode with Dropbox' rename`
			detection. The problem seems to be with `External IV chaining`, which is
			`not active in standard mode.`