How to encrypt individual folders?
Solution 1
Cryptkeeper
WARNING: CryptKeeper has recently been reported that it has a universal password bug that puts your data at potential risk. This issue may not yet be fixed in Ubuntu, use this solution at your own risk.
Relevant bug information links:
Upstream bug: https://github.com/tomm/cryptkeeper/issues/23
Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852751
sudo apt-get install cryptkeeper
After installing, go to Applications –> System Tools –> Cryptkeeper.
Cryptkeeper will automatically attach itself to the top panel
To create an encrypted protected folder, click on Cryptkeeper applet and select ‘New encrypted folder’
Then type the folder name and where to save the folder and click ‘Forward’.
Type the password and click ‘Forward’.
The folder will be created and ready to be used.
To access all encrypted folder, click on Cryptkeeper applet on the panel and select each folder.
Type the password before it is mounted to be accessed.
Done
To delete a folder or change the password, right-click the folder in the panel-applet.
Solution 2
eCryptfs
EncryptedPrivateDirectory Method.
Search for and install ‘ecryptfs-utils’ in Ubuntu Software Center:
After installing, go to Applications –> Accessories –> Terminal and run the command below:
ecryptfs-setup-private
You’ll be prompted to type your login passphrase (password), and to create one for your private folder:
When you’re done creating your password, Log Out and Log back in:
Next, go to Places –> Home Folder:
And new folder should be created in your home directory called ‘Private’. This folder in encrypted and password-protected. Move all your personal stuff into this folder to secure them:
Users without access to the folder will be denied:
Solution 3
You have 2 choices if you want to lock down a folder from other users
Encrypt or create a compressed password protect archive of the files. This method (Cryptkeeper) is perfect for this case when you need to be 100% sure no one will ever look at your files without knowing the password used there.
Use your computer folder / file permissions to deny access to your folder to other user.
The first involves making sure that the result cannot be opened by any user without knowing the password used.
The second will only change the file / folder privileges so that another user without rights cannot open it. The folder still exists, can be accessed by any user with sudo
rights in your system or using a LiveCD and reading the partition. It is also simpler to implement and does not require that you type a password all the time you need to open / mount the encrypted folder / archive.
An easy and fast way to do so is using chmod
to change the privileges for a file or folder.
Open a terminal and navigate to the place where your folder is, lets assume that the folder name is foo
and that we are currently located where the folder is.
chmod 700 foo
will make foo
only available for your eyes, its not encrypted (that is also possible) but only your user (and or a user with sudo privileges) can read or open that file / folder.
You can also do it graphically by right clicking on a file or folder and changing its permissions manually. In the example below you as owner have all privileges and you deny any other group or user from accessing, reading or modifying that file / folder
For more information about file / folder permissions visit the Ubuntu Understanding and Using File Permissions
wiki page.
Solution 4
CryFS
You can use CryFS:
cryfs basedir mountdir
It is used by default in KDE Vaults and is particularly interesting if you synchronize the encrypted content over Dropbox, Freefilesync, rsync or similar software, because it keeps its data in small encrypted blocks and changing a small file results in only a small amount of data to be re-uploaded.
Solution 5
Vault
Last update: Aug 4, 2012
You can try Vault, recent project by an ubuntu-gr member (greek local community).
PPA:
sudo add-apt-repository ppa:vault/ppa
sudo apt-get update
sudo apt-get install vault
It's a gui utility for encfs (package in repositories). I quote the package description:
$ apt-cache show encfs
Package: encfs
[...]
Description-en: encrypted virtual filesystem
EncFS integrates file system encryption into the Unix(TM) file system.
Encrypted data is stored within the native file system, thus no
fixed-size loopback image is required.
.
EncFS uses the FUSE kernel driver and library as a backend.
Homepage: http://www.arg0.net/encfs
You create a mountpoint/folder which you can then close or delete. If you close it, you need a password to open it.
Gonzoza
Updated on September 18, 2022Comments
-
Gonzoza over 1 year
Let's say that I have a folder, within my Documents folder, that has files I want no one to access without a password.
Is there a way to lock down that folder so that it's password protected / encrypted?
In fact, is it possible to password-protect any individual folder?
-
Aaron over 12 years+1 can't go wrong with those elusive yet simple solutions.
-
Gonzoza over 12 yearsSounds great, but doesn't make much sense. How do I simply "change the privileges" for a while or folder?
-
Gonzoza over 12 yearsBrilliant. I shall try that. EDIT: Hang on. Doesn't that only work if someone else is logged on to my PC? Right now, I am logged on - and am the only user - so therefore, I can access all those folders without typing in a password.
-
Jakob about 12 yearsIn case you can't see the panel icon run
gsettings set com.canonical.Unity.Panel systray-whitelist "['all']"
andunity --replace
. -
lumbric about 12 yearsSince "encryption" is mentioned in the question, I added a clarification in the answer. Feel free to improve it!
-
Bruno Pereira about 12 years@lumbric Ok, I have improved it a bit, thx for the heads up.
-
naught101 almost 12 yearsIs there a way to auto-mount this set-up on login?
-
RedactedProfile about 10 years@Jakob At least in 13.10,
com.canonical.Unity.Panel
doesnt exist, andsystray-whitelist
is an invalid key in all availableUnity.
schemas :( -
danza over 8 yearsCryptkeeper received bad ratings recently on the Ubuntu software center
-
Sandra Ross over 7 yearsThis method is interesting, but the problem comes from we can't introduce a password on an existing directory.
-
Admin over 7 yearsppa does not exist anymore.
-
Tim almost 6 yearsThanks. I was wondering if the permission bits set on a directory will be respected under both Windows and Ubuntu? See unix.stackexchange.com/questions/446364/…
-
arielf over 5 yearsI would advise against
cryfs
because it doesn't support (standard Unix) hard links. -
RoundDuckMan about 5 yearsDoesn't that depend on your use-case though? I guess don't use it for anything that requires a hard link?
-
akraf almost 3 yearsBe careful! CryFS seems not yet stable. They note this directly on their home page: "Let us notfiy you when CryFS is stable". For example, a recent bug on GitHub: "cryfs on top of rclone will destroy your data". There are also notes on stability in the README