New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow encfs6.xml in different directory #48

Closed
lazyadmins opened this Issue Jan 9, 2015 · 4 comments

Comments

Projects
None yet
3 participants
@lazyadmins

lazyadmins commented Jan 9, 2015

Can you please allow for the encfs6.xml config file to be located in a folder different from the encrypted folder for better security when syncing with cloud providers such as Google drive and Dropbox.

@rfjakob

This comment has been minimized.

Show comment
Hide comment
@rfjakob

rfjakob Jan 9, 2015

Collaborator
export ENCFS6_CONFIG=/foo/bar/.encfs6.xml

But, this does not seem to be mentioned in the man page. I am leaving this bug open until I add it.

Collaborator

rfjakob commented Jan 9, 2015

export ENCFS6_CONFIG=/foo/bar/.encfs6.xml

But, this does not seem to be mentioned in the man page. I am leaving this bug open until I add it.

@pepa65

This comment has been minimized.

Show comment
Hide comment
@pepa65

pepa65 Jan 9, 2015

Makes me wonder, to what degree is the security enhanced by an attacker not having access to the configuration file?

pepa65 commented Jan 9, 2015

Makes me wonder, to what degree is the security enhanced by an attacker not having access to the configuration file?

@rfjakob

This comment has been minimized.

Show comment
Hide comment
@rfjakob

rfjakob Jan 9, 2015

Collaborator

The master key is stored in the config file, encrypted with the password. The attacker can try to brute-force the password, even though the encfs encryption takes measures to slow it down a lot.
Without the config file, the data is basically lost.

Collaborator

rfjakob commented Jan 9, 2015

The master key is stored in the config file, encrypted with the password. The attacker can try to brute-force the password, even though the encfs encryption takes measures to slow it down a lot.
Without the config file, the data is basically lost.

@rfjakob

This comment has been minimized.

Show comment
Hide comment
@rfjakob
Collaborator

rfjakob commented Jan 13, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment