NAME
encfsctl - administrative tool for working with EncFS filesystems
SYNOPSIS
encfsctl [command command_args]
encfsctl rootdir
encfsctl info rootdir
encfsctl passwd rootdir
encfsctl showcruft rootdir
encfsctl decode [--extpass=prog] rootdir [encoded name ...]
encfsctl encode [--extpass=prog] rootdir [plaintext name ...]
DESCRIPTION
encfsctl is an administrative tool for working with EncFS filesystems.
It is capable of changing the user supplied password, displaying basic
information about an encrypted volume, and other related operations.
COMMANDS
info
Display basic information about the filesystem. Takes a single
argument, rootdir, which is the root directory of the encrypted
filesystem. The filesystem need not be mounted. Info is also the
default command if only a root directory is provided on the command
line.
passwd
Allows changing the password of the encrypted filesystem. The user
will be prompted for the existing password and the new password.
showcruft
Recursively search through the entire volume and display all files
which are not decodable (only checks filename encoding, not block
MAC headers). This might be useful for cleanup in case you’ve made
use of features which create files which are not decodable under
the primary key.
decode
Allows you to specify an encoded name on the command line, and
displays decoded version. This is mostly useful for debugging, as
debug messages always display encrypted filenames (to avoid leaking
sensitive data through the debug channels). So this command
provides a way to decode the filenames.
The --extpass option can be used to specify the program which
returns the password - just like with encfs.
If no names are specified on the command line, then a list of
filenames will be read from stdin and decoded.
encode
Allows you to specify a filename on the command line, and displays
its encoded version. This is useful if e.g. you are taking a backup
of an encrypted directory and would like to exclude some files.
The --extpass option can be used to specify the program which
returns the password - just like with encfs.
If no names are specified on the command line, then a list of
filenames will be read from stdin and encoded.
EXAMPLES
Show information about an encrypted filesystem:
% encfsctl info ~/.crypt
Version 5 configuration; created by EncFS 1.1 (revision 20040504)
Filesystem cipher: "ssl/aes" , version 2:1:1
Filename encoding: "nameio/block" , version 3:0:1
Key Size: 192 bits
Block Size: 512 bytes
Each file contains 8 byte header with unique IV data.
Filesname encoded using IV chaining mode.
DISCLAIMER
This library is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Please refer to
the "COPYING" file distributed with encfs for complete details.
AUTHORS
EncFS was written by Valient Gough <vgough@pobox.com>.
SEE ALSO
encfs(1)