If you’re storing sensitive files on your Linux system, encrypting them is a smart move. gocryptfs makes it simple. It’s a lightweight, high-performance, open-source tool that lets you encrypt individual files and directories using modern cryptography. This guide walks you through installing and using gocryptfs to protect your data.
What is gocryptfs?
gocryptfs is an encrypted overlay filesystem. It lets you work with your files normally in a “decrypted” view, while the actual data remains encrypted on disk. It’s fast, secure, and perfect for encrypting folders on local drives, external drives, or cloud-synced directories (like Dropbox).
Step 1: Install gocryptfs
On most Linux distributions, you can install gocryptfs via the package manager.
Debian/Ubuntu:
sudo apt update
sudo apt install gocryptfsArch Linux:
sudo pacman -S gocryptfsFedora:
sudo dnf install gocryptfsOr, build from source: https://github.com/rfjakob/gocryptfs
Step 2: Set Up an Encrypted Directory
Create a directory where encrypted files will be stored, and a mount point for decrypted access:
mkdir ~/encrypted
mkdir ~/decryptedInitialize the encrypted folder:
gocryptfs -init ~/encryptedYou’ll be prompted to set a password. Don’t forget it—there’s no recovery.
Step 3: Mount the Encrypted Filesystem
Now mount the encrypted folder to the decrypted view:
gocryptfs ~/encrypted ~/decryptedAfter entering your password, the ~/decrypted folder will show the contents in plain text. You can now read, write, and modify files as normal—but they’re encrypted at rest.
Step 4: Using and Unmounting
Work in the ~/decrypted folder as you would in any normal directory.
To unmount:
fusermount -u ~/decryptedThe decrypted view disappears, but your encrypted data stays safely in ~/encrypted.
Optional: Automate Mounting
To avoid typing the password every time, use gocryptfs -passwd to change it and enable a password cache, or set up auto-mounting via systemd or a script (not recommended on shared machines).
Final Thoughts
gocryptfs is one of the easiest ways to encrypt files on Linux without compromising usability. It’s reliable, fast, and integrates well into a typical workflow. If you value your privacy, it’s worth adding to your toolkit.
Need more Linux tips? Subscribe for updates or drop your questions in the comments.
Leave a Reply