BackTrack 4 and Directory Encryption

eCryptfs is a kernel-native cryptographic filesystem. It’s also a stacked filesystem, which means that eCryptfs must work on top of another filesystem such as Ext3. The result of this is that you don’t need to allocate space for eCryptfs, it will grow and shrink as you add files to it.

The Installation

Install eCryptfs from the package ecryptfs-utils by running the command below in your terminal:

apt-get install ecryptfs-utils

backtrack installation 1

The Configuration

Create a new directory to encrypt. In this case I used a directory called Private in my home folder:

mkdir ~/Private

If you don’t want other users on your system snooping on your Private directory, change its permissions to deny anyone but your user access:

chmod 700 ~/Private

backtrack configuration 1

Now, mount a new eCryptfs filesystem in your new folder:

mount -t ecryptfs ~/Private ~/Private

You’ll be asked some questions by eCryptfs configuration. I selected to use a passphrase, the default AES encryption, and 32-byte key length. Notice the defaults, indicated in square brackets, if you’re not sure about an option. eCryptfs will notice that this is the first time you have used your passphrase, and will ask if it can save a hash so it doesn’t have to warn you every time.

backtrack configuration 2

and go to complete the mount:

backtrack configuration 3

The First Test Step: creating a stuff in the encrypt directory

Now, to test the encryption, go to the Private directory, create a file and umount the ~/Private directory.

backtrack testing 1

The Second Test Step: Try to read the file when the encrypt dir is umounted.

The Private encrypted directory is umounted now.. try to read the file.

backtrack testing 2

The result

Now, remount the partition and take a look in encrypted directory.

backtrack conclusion

Done!